How to Capture HTTPS Traffic With Fiddler in Java
-
Configure the
Fiddler - Generate a KeyStore
-
Configure the Application Code to Capture HTTPS Traffic With
Fiddler -
Configure the
Eclipseto Capture HTTPS Traffic WithFiddler
The Fiddler is a web debugging proxy tool that helps developers to debug web applications. It allows to capture of network traffic and monitor incoming and outgoing data.
This article will teach us to set up the Fiddler to capture HTTPS traffic. So, users can capture the HTTPS traffic with Java without any error.
Configure the Fiddler
Users should follow the below steps to configure the Fiddler.
-
Download the
Fiddlerhere and install it to your local computer. -
Now, ensure that
Fiddlercaptures the HTTPS traffic, as shown in the image below.
-
Next, open the
Tools>Options. It will pop-up a dialog box. Go to theConnectionstab. -
Now, ensure the value of the
Fiddler listens on porttext field, which we will use in our Java code. The default value of it is8888. -
In the
Optionsdialog box, go to theHTTPStab and ensure thatCapture HTTPS ConnectsandDecrypt HTTPS Trafficare checked. Also, select...from all processesin the dropdown menu ofDecrypt HTTPS Traffic.
-
Next, install the certificate.
-
As a final step, in the
HTTPStab of theOptionsdialog, click on theActionsbutton and select theExport Root Certificate to Desktopto export the certificate on the desktop of your device.
Generate a KeyStore
We must generate a KeyStore with the certificate we have exported to the desktop.
-
Run the
Command Promptas an administrator. -
Users need to enter the below command to the terminal to find the root directory.
echo %JAVA_HOME% -
Inside the terminal, go to the root directory of Java which you got in the above step.
-
Next, go to the
binfolder of the Java directory using thecd bincommand in thecmd. -
Run the below command to the terminal.
keytool.exe -import -file C:\Users\\\Desktop\\FiddlerRoot.cer -keystore FiddlerKeystore -alias Fiddler -
Enter the password, and then you must confirm it by re-entering it.
-
Press
yto answer theTrust this certificate.
Configure the Application Code to Capture HTTPS Traffic With Fiddler
We have set up the Fiddler and generated a KeyStore with the certificate. Users need to add the code below to the application to capture the HTTPS traffic with Java.
// To capture HTTPS traffic
System.setProperty("https.proxyHost", "127.0.0.1");
System.setProperty("https.proxyPort", "8888");
// To capture HTTP traffic
System.setProperty("http.proxyHost", "127.0.0.1");
System.setProperty("http.proxyPort", "8888");
Also, users can use the localhost instead of 127.0.0.1. If users want to use a different port than 8888, they also need to change the port inside the Fiddler, which we have explained in the Configure Fiddler section.
Configure the Eclipse to Capture HTTPS Traffic With Fiddler
If users want to configure Eclipse IDE to capture HTTPS traffic rather than adding the code to the application, they should follow the below steps.
-
Go to
Run>Run Configurationsfrom the menu bar. -
From the sidebar of the
Run Configurationsdialog box, choose a project and go to theArgumentstab. -
Enter the arguments below in the
VM Argumentssection.-DproxySet=true -DproxyHost=127.0.0.1 -DproxyPort=8888 -Djavax.net.ssl.trustStore="path\to\java_home\bin\FiddlerKeyStore" -Djavax.net.ssl.trustStorePassword="password_used_during_keystore_creation"
-
Now, click the
Applybutton and press theRunbutton.
We have successfully set up the Fiddler to capture HTTPS traffic in this article. Also, we have generated the KeyStore using the fiddler certificate.
After that, we have two choices to capture HTTPS traffic using a Java application. The user can either set up Eclipse or add code to the application code.
