Configure Fiddler Classic to Decrypt HTTPS Traffic

By default, Fiddler Classic does not capture and decrypt secure HTTPS traffic. To capture data sent through HTTPS, enable HTTPS traffic decryption.

Enable HTTPS traffic decryption

  1. Click Tools > Fiddler Options > HTTPS.

  2. Click the Decrypt HTTPS Traffic box.

    Fiddler Options -- Decrypt HTTPS Traffic

Skip traffic decryption for a specific host

  1. Click Tools > Fiddler Options > HTTPS.

  2. Type the hostname in the Skip Decryption.

    Skip Decryption

Skip traffic decryption for an application

To skip traffic decryption for a specific application or to decrypt HTTPS traffic only from a single host, you must modify the OnBeforeRequest function in the FiddlerScript.

Add a rule like this inside the OnBeforeRequest function:

    if (oSession.HTTPMethodIs("CONNECT") && oSession["X-PROCESSINFO"] && oSession["X-PROCESSINFO"].StartsWith("outlook")) 
    { 
        oSession["x-no-decrypt"] = "boring process";
    }      

Decrypt traffic from one hostname only

Add a rule like this inside the OnBeforeRequest function:

    if (oSession.HTTPMethodIs("CONNECT") && 
        !oSession.HostnameIs("SiteICareAbout.com"))
    { 
        oSession["x-no-decrypt"] = "do not care."; 
    }

See also

Responding to requests with client certificates

In this article
Not finding the help you need? Improve this article