Use SSLKEYLOGFILE to decrypt HTTPS as an alternative to Fiddler Root certificate

Progress® Telerik® Fiddler™ Classic Feedback Portal

Create an account Log In

Back to Feed

Request a Feature Report a Bug

Under Review

Last Updated: 20 Aug 2018 05:00 by Imported User

Imported User

Created on: 19 Aug 2016 14:43

Type: Feature Request

Use SSLKEYLOGFILE to decrypt HTTPS as an alternative to Fiddler Root certificate

I came across an article (https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/) describing how Wireshark is able to decrypt SSL encrypted network traffic by making use of a feature in Mozilla Firefox and Google Chrome: If a system environment variable named SSLKEYLOGFILE is set to a valid filename, those browsers will write SSL key data to the file. Wireshark, in turn, uses to the contents of the file to decrypt SSL encrypted packets that it captures.

Assuming it's technically possible, it would be great if Fiddler could do the same as an alternative to use the Fiddler Root certificate.

3 comments

Imported User

Posted on: 20 Aug 2018 05:00

I agree that this would be a very valuable enhancement. The current approach with Fiddler acting as a man-in-the-middle for example doesn't work if the server uses HSTS.

Tsviatko

Posted on: 01 Sep 2016 05:00

Dan,is there something that bothers you in the certificates approach?

Eric

Posted on: 22 Aug 2016 05:00

It's a huge amount of code for very questionable benefit, but it's potentially possible.