After the initial startup, the Fiddler Everywhere application could only capture non-secure traffic (HTTP) while SSL traffic is not captured. To enable capturing and decrypting HTTPS traffic, you will need to explicitly install a root trust certificate via the HTTPS sub-menu in Settings.
The Trust root certificate button installs and trusts the Fiddler root certificate. The option is available on macOS and Windows - on Linux OS you will have to manually export and trust the root certificate.
The Capture HTTPS traffic option defines if Fiddler Everywhere should capture HTTPS traffic or skip it. By default, this option is disabled. First, you need to confirm whether the root certificate is trusted to enable the HTTPS traffic capturing. If it is trusted, you can enable the capture option.
The Ignore server certificate errors controls whether Fiddler will warn you if an HTTPS server has presented a certificate that did not validate. You should not check this box when surfing the Internet due to the spoofing security threat.
A typical case example would be certificate validation error on macOS while trying to access *.icloud.com domains. Use the option to ignore the validation error and continue the debugging process.
The Advanced Settings drop-down provides several options to operate with the root Fiddler certificate. Use the buttons to trigger actions as described below.
Expand Advanced Settings drop-down to show the Export Root Certificate button. Click the button to export Fiddler the root certificate to the Desktop folder for manual import and trusting of the Fiddler Everywhere certificate. The exported file will be named FiddlerRootCertificate.crt
Some operating systems might not have a folder named Desktop. In such cases, you will need to create this folder to export the certificate manually successfully.
Expand Advanced Settings drop-down to show the Reset root certificate button. The action will remove the currently trusted root certificate, generates a new one, and trust it. Several OS prompts will be shown that you will have to accept.
Expand Advanced Settings drop-down to show the Remove Root Certificate button. The action will remove the currently trusted root certificate from the OS certificate store. As a result, this will disable the capturing of HTTPS traffic.