how can i import fiddler-generated Certificate to iOS device

5
votes

Fiddler2's help page (http://www.fiddler2.com/fiddler/help/httpsdecryption.asp) says the following:

Q: Can Fiddler intercept traffic from Apple iOS devices like iPad/iPhone/iPod Touch?

A: Yes, but you must replace Fiddler's default certificate generator. Download and install the new Certificate Maker and restart Fiddler. Note: The plugin certificate generator currently requires Windows Vista or later. Windows XP and 2003 will show an error message in the Log tab and will not properly work with this plugin.

But how can I import the fiddler-generated Certificate to iOS device, such as iTouch?

Any reply is appreciated.

1
ioshttpsfiddler
I doubt you can do this.Blender
how come? fiddler's author says yes.macskuz
The author says that you can intercept traffic from the device (i.e. you being on the computer and sniffing an iPod Touch's traffic), not with the device.Blender
i just mean it! what i want is https traffic and fiddler need Certificate to decryption the traffic, but first i must import the Certificate into iPod touch, then i can set iOS's proxy to my computer's IP address, then i can capture iOS's trafficmacskuz
Blender, you misunderstand the purpose of this. Fiddler can't read the traffic because it is encrypted. In order to bypass the encryption, Fiddler must act as a man-in-the-middle, but it can only do this if it can supply a certificate that is trusted by the device. It can provide a root certificate, but you need to import this into iOS in order for it to be trusted and consequently for Fiddler's MITM certificates to be trusted.Jim

1 Answers

9
votes

You should be able to install the certificate by navigating to http://example:8888/FiddlerRoot.cer, where example is the machine running Fiddler.