Gigya Job Openings

Configuring Fiddler HTTP Analyzer

Skip to end of metadata
Go to start of metadata


Certain problems that involve client side calls can be much easier to debug with a capture of the HTTP traffic going back and forth between your site, the user's browser and Gigya. When you report such problems to the Gigya support team you may be asked to provide a "Fiddler capture" of the reported problem. Fiddler is a Web Debugging Proxy that logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler is freeware and can debug traffic from virtually any application, including Internet Explorer, Mozilla Firefox, Opera, and others.

Note: Before you take a "Fiddler capture" to be submitted to Gigya it must be configured to capture HTTPS traffic as explained below.


Installing Fiddler

Fiddler only runs on Windows and requires .NET version 2 or higher to be installed on the machine. We recommend using the .NET 4 version. The .NET Framework can be downloaded directly from Microsoft.

Then you will have to download Fiddler from the following link:

Working with Fiddler

When Fiddler is running, you can inspect the data transferred to and from the Gigya server by simply clicking on one of the sessions in the session list on the left.


Saving the Capture to a File

In case it is required, you can save the sessions to a file by clicking on File->Save->"All Sessions", provide a file name and save  (in saz file format).


Configuring Fiddler to Capture HTTPS Traffic

Fiddler includes the ability to capture and decrypt HTTPS traffic. In order to do this, it generates its own Root Certificate and you must configure your browser to trust that certificate or it will issue an error when HTTPS traffic goes through Fiddler.


Note: It is recommended that you only make this configuration change on Test-only machines.

Registering the Fiddler Root Certificate in the System Certificate Store

This configuration is all that is required to capture traffic from Internet Explorer and Google Chrome:

  1. Enable capturing HTTPS traffic by clicking Tools > Fiddler Options > HTTPS and ticking the "Decrypt HTTPS Traffic" box.
  2. When you tick the "Decrypt HTTPS Traffic" checkbox in Fiddler 2.2.9+, you will see the following prompt:

  3. Click Yes. You will see the following prompt:

  4. Click Yes. Then Windows will trust your Fiddler Root certificate and certificate warnings will be suppressed in any application that relies on the Windows Certificate Store.

Configuring Firefox to Trust the Fiddler Root Certificate

The following additional steps are required in order to configure Firefox to trust the Fiddler root certificate:

  1. Open Fiddler 2.2.9+.
  2. Click Tools > Fiddler Options.
  3. Select the HTTPS tab, and click the 'Export Fiddler Root Certificate to Desktop' button.
  4. In Firefox, click Tools > Options.
  5. Click the Advanced button at the top.
  6. Click the Encryption tab.
  7. Click View Certificates.
  8. Click the Authorities tab.
  9. Click Import.
  10. Pick the .CER file from your desktop.
  11. Check the "Trust this CA to identify web sites" checkbox.


Using Fiddler with Non-Windows Systems

It is possible to use Fiddler to capture HTTP traffic generated by other devices like Mac computers or mobile phones. To do this you will need to setup a Windows machine and install Fiddler on it. Then enable Fiddler to accept traffic from other computers by clicking Tools > Fidder Options > Connections and ticking the "Allow remote computers to connect" checkbox.

Then, in the web browser you are using on the non-Windows device, configure the proxy settings to redirect HTTP and HTTPS traffic to the IP address of the Windows machine with Fiddler and to port 8888.


Additional Information

If you have any further questions about Fiddler configuration, please visit this page: