Fiddler Ideas

The free web debugging proxy for any browser, system or platform.

Use SSLKEYLOGFILE to decrypt HTTPS as an alternative to Fiddler Root certificate

I came across anĀ article describing how Wireshark is able to decrypt SSL encrypted network traffic by making use of a feature in Mozilla Firefox and Google Chrome: If a system environment variable named SSLKEYLOGFILE is set to a valid filename, those browsers will write SSL key data to the file. Wireshark, in turn, uses to the contents of the file to decrypt SSL encrypted packets that it captures.

Assuming it's technically possible, it would be great if Fiddler could do the same as an alternative to use the Fiddler Root certificate.

  • Dan Stevens
  • Aug 19 2016
  • Under review
  • Attach files
  • badr elmers commented
    19 Nov, 2018 11:12am

    fiddler make a new conection when used as a proxy, and this make false results sometimes,while the wireshark method does not touch the conexion. SSLKEYLOGFILE is a must, curl too support it now. please add it. thank you

  • Jens Borgland commented
    21 Aug, 2018 06:12am

    I agree that this would be a very valuable enhancement. The current approach with Fiddler acting as a man-in-the-middle for example doesn't work if the server uses HSTS.

  • Tsviatko Yovtchev commented
    1 Sep, 2016 04:49pm

    Dan,is there something that bothers you in the certificates approach?

  • Eric Lawrence commented
    23 Aug, 2016 06:22am

    It's a huge amount of code for very questionable benefit, but it's potentially possible.