Introduction
Many times, in our projects, we have to work with secure Web Services. Most of the time, for development purposes, we need to track the Service requests and responses.
In this post we will discuss, how we can secure Services through Fiddler. Fiddler is a free Web debugging proxy that works with any Browser, system or platform. For further information, check it out here.
Now, let’s see, how we can enable Fiddler to track the secured Services.
Configure Fiddler
We are using Fiddler Web Debugger (v4.5.1.2) in this demonstration, but the process is similar for all nearby Fiddler versions.
Launch Fiddler and go to “Fiddler Options…”
![Fiddler]()
Select HTTPS tab and select “Capture HTTPS CONNECTs”, “Decrypt HTTPS traffic” and “Ignore Server certification errors (unsafe)” check boxes and click “OK”.
![https]()
This will export the certificate on the selected location. Below messages will be shown, once it is completed successfully. Click “OK”.
![message]()
Now, let’s register this certificate in the system. For this, first go to Run and type “MMC” command. This will open “Microsoft Management Console”.
![run]()
Click “File” and select “Add/Remove Snap-in…”.
![Add/Remove Snap-in]()
Select “Certificates” on the left and click “Add >”.
![Add]()
It will ask for type of account to be used, select “Computer account” and click “Next”.
![Next]()
Next, select “Local computer” as a computer type and click “Finish”.
![Local computer]()
This will add Certificates in the selected snap-ins. Click “OK”.
![Certificates]()
Once you are back on Console Window, Certificates (Local Computer) is now visible on the left column. Right click on “Trusted Root Certification”, select “All Tasks” and click “Import…”.
![Import]()
It will open a Certificate Import Wizard. Just click “Next >”.
![Next]()
Select the certificate we have saved on the desktop earlier and click “Open”.
![Open]()
Next screen shows, what file you are importing. Don’t change anything and click “Next >”.
![Next]()
In its final step, Wizard shows the summary of what is imported. Click “Finish”. In case of success, it will show you a message “The import was successful”.
![import]()
![import]()
Don’t forget to save Console. Try to close the Console Window and it will ask to save it. Click “Yes” to save the settings.
![save]()
If you have also saved the settings previously, it will ask for overwrite, save the new settings.
![settings]()
In the last step, add the code, given below in your Application’s Web.config. This will route everything through your local proxy.
- <defaultProxy>
- <proxy proxyaddress="http://127.0.0.1:8888" usesystemdefault="False" />
- </defaultProxy>
Now, open Fiddler and run your Application. Fiddler will now track all HTTP as well as HTTPS Web Services.