Cannot configure Fiddler proxy in Android to decrypt HTTPS

Question

I am trying to set up Fiddler proxy to capture traffic from a Xamarin app. I have completed the following steps:

1. Installed Fiddler v5.0.20173.50948 on a Windows machine
2. Set Allow remote computers to connect and port 8888
3. Set Capture HTTPS CONNECTs, Decrypt HTTPS traffic and ...from all processes, installed the root cert to Trusted Root Certification Authorities folder.
4. on Android device I'm using the same Wi-Fi network and configured manual Wi-Fi proxy with PC's ip and port 8888
5. I was able to open ipv4.fiddler:8888, downloaded the cert and installed it on the Android device, I can see it in Trusted credentials>User. I compared the thumbprint on the PC cert and Android cert, they are the same.

Fiddler is able to capture traffic from some websites, but for the URLs I care about I only see tunnel CONNECTs, but no decrypted traffic.

PS When these steps didn't work I also tried:

• resetting all certs in Fiddler and re-installing them on both PC and the Android device
• installing the cert for VPN and apps as well as for Wi-Fi in Android

That didn't help.

Any help is very appreciated.

Answer 1

maybe it is caused by some app using SSL pinning, you could try JustTrustMe or tool like http://repo.xposed.info/module/mobi.acpm.sslunpinning but first you should install a framework http://repo.xposed.info/module/de.robv.android.xposed.installer

Attention: it's better to do this in simulator since it may cause damage to your device