Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-5275: How to capture network traffic from iOS devices using Fiddler

Centrify Identity Service, App Edition ,  

12 April,16 at 11:07 AM

Applies to: Centrify Identity Service for Mobile / SaaS / Office 365

Question:

Centrify Support has requested Fiddler traces from an iOS device. These are used for troubleshooting a range of issues, especially issues with authenticating to mobile applications.

How are these traces retrieved?


Answer:

You will need a wireless network, iOS device, and a Windows machine with Fiddler installed. Fiddler is a tool for capturing web traffic.

Configure the Windows/Fiddler host to capture traffic from the mobile device
  1. Download and install Fiddler and then open the application.
  2. Click Tools > Fiddler Options > Connections
  3. Click the checkbox to "Allow remote computers to connect".
    • User-added image
  4. Restart Fiddler.
  5. Ensure your firewall allows incoming connections to the Fiddler process. 
  6. Hover over the "Online indicator" at top right of the Fiddler toolbar to display the IP address(es) assigned to the Fiddler host machine.
    • User-added image
    • Note: Save this address for later use on the mobile device.
  7. Verify the iOS device can reach Fiddler by navigating in the browser to
    • http://[IPAddressofFiddlerHostMachine]:8888 
    • This address should return the Fiddler Echo Service page.
  8. Verify that Fiddler is capturing traffic by going to File > Capture Traffic. There should be a check mark.
    • User-added image



Install the Fiddler root certificate on the Windows/Fiddler host to decrypt HTTPS traffic
  • Note: After the root certificate is installed, all web traffic on the host machine will be decrypted and captured using Fiddler. Proceed with caution.
  1. Download and install the Certificate Maker plugin for Fiddler.
  2. Restart Fiddler.
  3. Click Tools > Fiddler Options > HTTPS
  4. Click the "Decrypt HTTPS Traffic" box
    • User-added image
  5. A warning box will appear to trust the Fiddler Root certificate. Click the Yes button.
  6. Another warning box will pop up asking to install the Fiddler Root certificate. Click the Yes button.



To capture traffic from an iOS device
  1. On the iOS device, disable any 3G/4G connections.
  2. Go to Settings > Wi-Fi
  3. Click on the Wi-Fi network to go to the settings.  
    • Note: The Wi-Fi network that the iOS device is on needs to be on the same network that the Fiddler host machine is on.
  4. Tap the "Manual" button in the HTTP Proxy section.
  5. In the Server box, type the IP address or hostname of the Fiddler instance (from Step 6 of the Windows machine configuration section).
  6. In the Port box, type the port Fiddler is listening on (Usually 8888
  7. Ensure the Authentication slider is set to Off.
    • User-added image



Install the Fiddler root certificate on iOS device to decrypt HTTPS traffic
  • Note: After the root certificate is installed, all web traffic on your iOS device will be decrypted and captured using Fiddler. Proceed with caution.
  1. Go to http://ipv4.fiddler:8888/ in the iOS browser.
  2. Download the FiddlerRoot certificate from the bottom of the Fiddler Echo Service webpage.
  3. Open the FiddlerRoot.cer file and tap the Install button. 
    • User-added image
  4. There will be a warning message. Click the Install button again.



Reproduce the issue on the iOS device and capture the traffic
  1. Reproduce the issue on the iOS device and the web traffic should now be seen being captured in Fiddler. 
  2. After the issue has been captured, go to File > Save > All sessions...
  3. Send in the .saz file in to Centrify Support for further investigation.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.