Capturing Fiddler Traces on Windows IoT Core

Fiddler is a tool for debugging web traffic. It's particularly helpful because you can customize it for specific needs using extensions and add-ons, and the tool provides a lot of useful information specific to web traffic.

Assumptions

  • You have PuTTY on your developer box or an alternative for SSH
  • The instructions below make the assumption of a IoT Core VM but will work on any IoT Core device

Initial Setup

  1. Download and install the latest version of Fiddler on your developer box if you haven't already

  2. Start Fiddler and make the following setting updates under Tools -> Telerik Fiddler Options -> HTTPS tab

    • Check Capture HTTPS CONNECTs
    • Check Decrypt HTTPS Traffic -> from all processes
    • Click on the 'Certificates generated by' link and select MakeCert engine (Recommendation: Restart Fiddler for this change to take effect)
    • Next, export the FiddlerRoot.cer file via Actions -> Export Root Certificate To Desktop
  3. Make the following setting updates under Tools -> Telerik Fiddler Options -> Connections tab:

    • Setup Fiddler to act as a system proxy by checking Allow Remote Computers to Connect Fiddler listens on port should be set to 8888

Note: You should restart Fiddler after this and accept any UAC prompt.

Transfer and Import Fiddler Root Certificate

You'll need to import the Fiddler root certificate to your IoT image or device in order to debug https traffic routing through your PC. To do this:

  1. Mount the VHD file (right click on the VHD and choose mount) or connect to your IoT device via PuTTY (or alternative SSH client)
  2. Browse to the mainOS partition and create a test folder at root (via SSH, use md c:\test)
  3. Copy FiddlerRoot.cer you generated above (should be on your desktop by default) to the test folder location
  4. If using a VHD, unmount it by ejecting any of the mounted drives and then start the IoT Core VM via Hyper-V
  5. Start an SSH session and login as administrator
  6. Navigate to c:\test directory in your SSH session
  7. Import Fiddler Root Certificate via command: certmgr -add FiddlerRoot.cer -r localmachine -s root
  8. Close SSH session

Setup Proxy on VM or IoT Core Device

The steps below will allow your IoT VM or device to route traffic through your PC so that Fiddler can capture network traffic for analysis:

  1. Determine the IP of your development machine using a CMD console via ipconfig**
  2. Start a new SSH session and this time, login as defaultUser (Username: DefaultAccount Pwd: [blank] )
  3. Set the proxy via the following commands:
    • reg add "hkcu\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 1
    • reg add "hkcu\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /t REG_SZ /d [PC IP address]:8888

If not already running, start Fiddler on your PC, restart your VM or IoT Core device and traffic should now be routed through Fiddler.

Note: If you see https CONNECT in Fiddler but no data, the certificate was likely not installed correctly. Make sure you didn't miss the Transfer and Import Fiddler Root Certificate steps above.

Additionally, if you wish to turn the proxy back off note that the above reg keys get cached in a binary blob in another key. so, in addition to removing the keys just added in step 3 above you also need to do:

    reg delete "hkcu\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections"