Technical Learning

Fiddler Capturing HTTPS

📢 This article was translated by gemini-2.5-flash-lite

Introduction

By default, Fiddler only captures HTTP traffic. You need to configure it to capture HTTPS. Most websites now use HTTPS or HSTS, so enabling HTTPS capture is essential.

Fiddler Settings

In Settings -> HTTPS, check Capture HTTPS traffic. You can also check Ignore server certificate errors(unsafe), but this might not be secure. Then, save the settings.

Browser Settings

After enabling HTTPS capture, your browser might show certificate errors, like “Connection is not secure” or “Your connection is not private.” You need to import the relevant certificate. Here’s how for Firefox:

First, download the Fiddler certificate. In the settings section mentioned above, click Export root certificate to Desktop. This will export the certificate to your desktop (~/Desktop/).

Then, go to Firefox settings. Under Privacy & Security -> Certificates, view certificates and import the one you just downloaded. In the pop-up window, select all trust options.

After importing, you should be able to access websites normally, and Fiddler will correctly capture HTTPS requests and responses.

Fiddler
This post is licensed under CC BY-NC-SA 4.0 by the author.