Cannot configure Fiddler proxy in Android to decrypt HTTPS

Question

I am trying to set up Fiddler proxy to capture traffic from a Xamarin app. I have completed the following steps:

Installed Fiddler v5.0.20173.50948 on a Windows machine
Set Allow remote computers to connect and port 8888
Set Capture HTTPS CONNECTs, Decrypt HTTPS traffic and ...from all processes, installed the root cert to Trusted Root Certification Authorities folder.
on Android device I'm using the same Wi-Fi network and configured manual Wi-Fi proxy with PC's ip and port 8888
I was able to open ipv4.fiddler:8888, downloaded the cert and installed it on the Android device, I can see it in Trusted credentials>User. I compared the thumbprint on the PC cert and Android cert, they are the same.

Fiddler is able to capture traffic from some websites, but for the URLs I care about I only see tunnel CONNECTs, but no decrypted traffic.

PS When these steps didn't work I also tried:

resetting all certs in Fiddler and re-installing them on both PC and the Android device
installing the cert for VPN and apps as well as for Wi-Fi in Android

That didn't help.

Any help is very appreciated.

I guarantee this is due to what's called "certificate pinning". Basically, the apps you're trying to capture network comms from are trying to prevent that very thing by "pinning" their SSL certs down, so that it doesn't matter if you or someone tries to inject an alternative certificate, like Fiddler's. There are ways around this, depending on the app, but it may require some reverse engineering. — Coldblackice

J1B J1B · Accepted Answer · 2018-09-24T05:35:02

maybe it is caused by some app using SSL pinning, you could try JustTrustMe or tool like http://repo.xposed.info/module/mobi.acpm.sslunpinning but first you should install a framework http://repo.xposed.info/module/de.robv.android.xposed.installer

Attention: it's better to do this in simulator since it may cause damage to your device