很多实用fiddler抓包,对于http来说不需太多纠结,随便设置下就能用,但是抓取https就死活抓不了,
诸如以下问题:
creation of the root certificate was not successful
Failed to find the root certificate in User Root List
The Root certificate could not be found.
The root certificate could not be located.
Fiddler 抓取https 显示 Tunnel to ... 443
等等...
1.清除C:\\Users\\Administrator\\AppData\\Roaming\\Microsoft\\Crypto\\RSA 目录下所有文件(首次安装fiddler请忽略)
2.清除电脑上的根证书,WIN+R快捷键,输入:certmgr.msc, 然后回车,查找所有fiddler证书,然后删除。(首次安装fiddler请忽略)
3.清除浏览器上的证书文件 ,此处需要仔细查找带有FiddlerRoot的字样,并删除,以谷歌浏览器为例说明,在浏览器上输入: chrome://settings/,(首次安装fiddler请忽略)
4.打开fiddler,点击工具栏中的Tools—>Options,点击Actions,选择最后一项,Reset All certificates,然后关闭
注意:以上步骤假设是已经安装fiddler的情况下需要做的处理 ,若已安装,建议执行上述步骤,然后进行重新安装;
-----------------------------------------------华丽分割线---------------------------------------------------------
1.下载最新版fiddler ,强烈建议在官网下载:https://www.telerik.com/download/fiddler
2. 正常傻瓜式安装,下一步,下一步,安装完毕后,先不用急于打开软件。
3.下载并安装Fiddler证书生成器:http://www.telerik.com/docs/default-source/fiddler/addons/fiddlercertmaker.exe?sfvrsn=2
4.打开Fiddler,点击工具栏中的Tools—>Options
5.点击https设置选项,勾选选择项
6.点击Actions,点击第二项:Export Root Certificate to Desktop,这时候桌面上会出现证书FiddlerRoot.cer文件,点击OK设置成功,关闭fiddler
7.PC端,在浏览器中导入证书FiddlerRoot.cer,以谷歌浏览器为例说明,在浏览器上输入: chrome://settings/
然后进入高级设置,点击管理证书
8.在受信任的根证书颁发机构,对证书进行导入
9.重新打开fiddler,就可以在电脑上进行https抓包了。
11.本文主要是分享fiddler抓取https请求的数据,故手机端不再此赘述;
fiddler抓取https原理及常见错误,参考如下:
https://www.zhihu.com/question/24484809
https://www.jianshu.com/p/54dd21c50f21
https://blog.csdn.net/wangjun5159/article/details/52198842
https://www.cnblogs.com/Ming8006/p/8405555.html
https://www.cnblogs.com/zery/p/5164795.html
https://blog.csdn.net/yintengfei/article/details/53340763
http://www.jb51.net/network/541478.html
https://blog.csdn.net/wwdz_rwx/article/details/50396163
https://blog.csdn.net/zhusongziye/article/details/77951602
https://blog.csdn.net/qq_31666147/article/details/70313131
https://www.cnblogs.com/hushaojun/p/6385958.html