Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-5474: How to capture network traffic from Mac devices using Fiddler

Centrify Identity Service, App Edition ,  

29 June,16 at 01:13 AM

Applies to: All versions of Centrify Identity Service on Mac OS X

Question:

As there is no way to install Fiddler on Mac, how to retrieve the fiddler traces from Mac devices?

Answer:

A wireless network, a mac, and a Windows machine with Fiddler installed will be required for collecting the Fiddler trace. Fiddler is a tool for capturing web traffic.

Configure the Windows/Fiddler host to capture traffic from the mobile device

  1. Download and install Fiddler and then open the application.

  2. Click Tools > Fiddler Options > Connections

  3. Click the checkbox to "Allow remote computers to connect".

User-added image

      4. Restart Fiddler.

      5. Ensure your firewall allows incoming connections to the Fiddler process. 

      6. Hover over the "Online indicator" at top right of the Fiddler toolbar to display the IP address(es) assigned to the Fiddler host machine.

User-added image

  • Note: Save this address for later use on the Mac.

      
      7. Verify the Mac can reach Fiddler by navigating in the browser to

  • http://[IPAddressofFiddlerHostMachine]:8888 

  • This address should return the Fiddler Echo Service page.

      8. Verify that Fiddler is capturing traffic by going to File > Capture Traffic. There should be a check mark.

                       User-added image

Install the Fiddler root certificate on the Windows/Fiddler host to decrypt HTTPS traffic

  • Note: After the root certificate is installed, all web traffic on the host machine will be decrypted and captured using Fiddler. Proceed with caution.

  1. Download and install the Certificate Maker plugin for Fiddler.

  2. Restart Fiddler.

  3. Click Tools > Fiddler Options > HTTPS

  4. Click the "Decrypt HTTPS Traffic" box

User-added image

      5. A warning box will appear to trust the Fiddler Root certificate. Click the Yes button.

      6. Another warning box will pop up asking to install the Fiddler Root certificate. Click the Yes button

To capture traffic from Mac

  1. On the Mac, disable any 3G/4G connections. 

  2. Go to System Preference > Networks > Wi-Fi > Advance > Proxies. 

  • Note: The Wi-Fi network that the Mac is on needs to be on the same network that the Fiddler host machine is on. ​

        3.  Uncheck for the box "Auto Proxy Discovery" and check for "Web Proxy" and "Secure Web Proxy" 

        4.  Configuring Web Proxy Server and Secure Proxy Server with the IP address of the Fiddler instance (from Step 6 of the Windows machine configuration section). 

        5.  In the Port box, type the port Fiddler is listening on (Usually 8888)

        6.  No need to check for the box "Proxy server requires password" 

User-added image

Install the Fiddler root certificate on Mac to decrypt HTTPS traffic

  • Note: After the root certificate is installed, all web traffic on mac will be decrypted and captured using Fiddler. Proceed with caution.

  1. Go to http://ipv4.fiddler:8888/ in the browser.

  2. Download the FiddlerRoot certificate from the bottom of the Fiddler Echo Service webpage.

  3. Open the FiddlerRoot.cer file and it will prompt to ask for modifying the Keychain Access. Please set for "always trust"

(Installing the root certificate)
User-added image

Reproduce the issue on the Mac and capture the traffic

  1. Reproduce the issue on the Mac and the web traffic should now be seen being captured in Fiddler. 

  2. After the issue has been captured, go to File > Save > All sessions...

  3. Send in the .saz file in to Centrify Support for further investigation.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.