HTTPS Menu

After the initial startup, the Fiddler Everywhere application captures only non-secure traffic (HTTP). SSL encrypted traffic isn't captured by default. To enable capturing and decrypting HTTPS traffic, you need to install the Fiddler root certificate via the HTTPS sub-menu under Settings.

default https settings

Trust root certificate

The Trust root certificate button installs and trusts the Fiddler root certificate. The option is available only on macOS and Windows. On Linux, you have to manually export and trust the root certificate. After you install the certificate, you are ready to enable the capturing of HTTPS traffic.

Capture HTTPS traffic

The Capture HTTPS traffic option defines if Fiddler Everywhere should capture HTTPS traffic or skip it. By default, this option is disabled. Before you enable the capturing of HTTPS traffic, you must trust the Fiddler root certificate.

Ignore server certificate Errors (unsafe)

The Ignore server certificate errors button controls whether Fiddler warns you if an HTTPS server presents a certificate that cannot be validated. You should not check this box when surfing the Internet due to the spoofing security threat.

A typical use case for the Ignore server certificate errors option would be certificate validation errors on macOS while trying to access *.icloud.com domains. Use the option to ignore the validation error and continue the debugging process.

Advanced Settings

The Advanced Settings drop-down provides several additional options related to the Fiddler root certificate.

 Advanced Settings

Export root certificate

Expand the Advanced Settings drop-down to show the Export Root Certificate button. Click the button to export the Fiddler root certificate to the Desktop folder. Then you can manually import and trust the Fiddler Everywhere certificate. The name of the exported file is FiddlerRootCertificate.crt.

Some operating systems might not have a folder named Desktop. In such cases, you need to create this folder to export the certificate successfully.

Reset root certificate

Expand the Advanced Settings drop-down to show the Reset root certificate button. Click the button to remove the currently trusted root certificate, generate a new one, and trust it. Several OS prompts will be shown, and you have to accept all of them.

Remove root certificate

Expand the Advanced Settings drop-down to show the Remove Root Certificate button. Click the button to remove the currently trusted root certificate from the OS certificate store. As a result, the capturing of HTTPS traffic will be disabled.

Additional Resources

In this article