Capture Traffic from iOS Device
Configure Fiddler Classic
Open Fiddler Classic and stop capturing.
Open Tools > Options > HTTPS and disable Capturing HTTPS Connects.
Close Fiddler Classic and install BouncyCastle (CertMaker.dll) from here. – this will add CertMaker.dll in your Fiddler installation, changing the way certificates are generated. With this option, Fiddler Classic will use only one root certificate and will not generate intermediate certificates for each option.
After installation is complete, open Fiddler, open Tools > Options > HTTPS menu use Actions > Reset all certificates option. This will remove all previously used certificates and will trust the new one.
After agreeing with all system dialogs, enable Capturing (Tools > Options > HTTPS and check Capturing HTTPS Connects) and decryption of HTTPS traffic ((Tools > Options > HTTPS and check Decrypt HTTPS traffic)).
Open Tools > Options > Connections.
Click the checkbox for Allow remote computers to connect.
Restart Fiddler.
Ensure your firewall allows incoming connections to the Fiddler Classic process and that it's not blocking all incoming connections, including those in the list of allowed apps.
-
Hover over the Online indicator at the Fiddler Classic toolbar's far-right to display the IP addresses assigned to Fiddler's machine. Use this address on your iOS device (see the 5th step in the iOS device setup steps below).
![Online Tooltip][2]
Verify client iOS device can reach Fiddler Classic by navigating in the browser to http://FiddlerMachineIP:8888. This address should return the Fiddler Echo Service page.
For iPhone: Disable the 3g/4g connection.
Set the iOS Device Proxy
On the iOS device open Settings > General > VPN & Device Management and remove all DO_NOT_TRUST_FiddlerRoot profiles. You must remove them (not disabling them).
Go to Settings > WiFi on your iOS device.
Find your current network and click the i icon.
Scroll to the bottom and choose Manual in the Configure Proxy option.
Type your Fiddler Classic machine IP address in the Server field.
-
Type the Fiddler Classic listening port (8888 by default) in the Port field and finally tap on Save.
With the current setup, you should be able to capture non-secure HTTP traffic. However, if you try to open any HTTPS website, you'll get the This site's security certificate is not trusted! error. To fix this, proceed with the steps that follow below.
Open a browser on the iOS device and type the Fiddler Classic echo service address: http://ipv4.fiddler:8888
-
Click on the Fiddler Classic root certificate link to download it.
Ensure that the Fiddler Classic certificate is generated through the BouncyCastle certificate generator.Learn more about certificate generators and how to install and enable BouncyCastle here....
On your iOS device, open General > VPN & Device Management and install the certificate via the Profile Downloaded. Note that this option will appear after the certificate is downloaded.
(iOS 10.3+) Go to General > About > Certificate Trust Settings and enable full trust for the DO_NOT_TRUST_FiddlerRoot certificate. Note that you will see the DO_NOT_TRUST_FiddlerRoot certificate only after completing the previous step.
Uninstall FiddlerRoot Certificate
If you decide to uninstall the root certificate:
Tap the Settings app.
Tap General.
Scroll to VPN & Device Management.
Tap the DO_NOT_TRUST_FiddlerRoot* profile.
Tap Remove.