I have a requirements to monitor all outgoing call from our WCF service to external web services and then track all the performance of each call. With this I decided to create a windows service using existing API that Fiddler already provided (FiddlerCore). I started running it as console based application for ease of debugging. Everything works fine except that when I start running it as windows service, it does not capture HTTPS traffic. Because I'm too lazy to figure it out I start looking on google for the solution but no luck. I also found few people also have the same issue but no solution were presented. So no choice I have to investigate it by myself. Upon putting some debugging information I discovered that the FiddlerCore API is complaining it cannot create certificate. This point me to the right direction. The current account that I'm running my windows service (localsystem) was not able to generate the certificate. So instead of creating new certificate, I think maybe I can specify existing certificate that was already created by Fiddler on my account. I found this file on "My Document\Desktop" name "FiddlerRoot.cer" and copied it to my project then I specify that path using oDefaultClientCertificate property.
var path = Path.GetDirectoryName(Assembly.GetExecutingAssembly().GetName().CodeBase);
path = path.Replace("file:\\", "");
if (!path.EndsWith(@"\")) path += @"\";
path += "FiddlerRoot.cer";
FiddlerApplication.AfterSessionComplete += FiddlerApplication_AfterSessionComplete;
FiddlerApplication.oDefaultClientCertificate = new X509Certificate(path);
FiddlerApplication.Startup(8888, FiddlerCoreStartupFlags.DecryptSSL);
Viola!! All HTTPS traffic are now being captured and AfterSessionComplete event is now triggering.
Can the certificate be embedded as a resource inside the app instead of it being a separate file from the app itself?
ReplyDelete