Monday, March 17, 2014

How to use Eclipse with Fiddler step by step (for JAVA)

Background:

Eclipse is a nice IDE that popular among JAVA programmers. Recently I have involve with few java base project and that mostly with notwork programming stuff such as HTTP request sending, POST submit, GET request. I used my favorite http/https traffic recording tool "Fiddelr" to use with Eclipse.

So here is the my simple JAVA program that send a http post request to the server. Here I uses Apache HTTPClient (JAVA http implementation) for easy coding.

import java.io.IOException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.HttpResponse;

public class HTTPRequest{

String base_url = "https://destination-server.com";

public static void main(String[] args) { 
 HttpClient wf_client = HttpClients();
 HttpGet get_request = new HttpGet(base_url);
 try {
  HttpResponse login_responce = wf_client.execute(get_request);  
 }catch (IOException e) {
  System.out.println(e);
 } 
}
}


Previously when I work with C++ network programming Visual Studion IDE. I could use Fiddler to capture http and https traffic without any extra configuration. But this time when I compile and run this program in Eclipse, Fiddler does not show any http traffic. So i had to spend few hours to figure out, how to use Eclipse with Fiddler.

Let's try step by step:

Step - 1:  Go to http://www.telerik.com/fiddler and click on [Free Download] button to download Fiddler and install in to your PC.

Step - 2: If you installed Fiddler properly, when you load a web page in your web browser, you can see the http and https traffic in the Fiddler window as below


 Step - 3: Go to Filter tab in the right side of the windows and add filter to show only traffic to your destination host. and click [Action] button to save


 Step - 4: click [Remove all] to clear up all the previous recorded traffic.


Step - 5: Then go in to Eclipse and build and run your program that sending HTTP requests to the remote host. If the Fiddler showing the request, no issue you can continue works. But if the Fiddler doesn't record the requests here is the way to figure-out.

Step - 6: For record the http/http request you have to send the request trough the Fiddler. So go to 'Tools' -> Fiddler Option -> 'Connection' tab and check the port specify there.


Step - 7: So here is my case, it's automatically configured to port 8888. After identifying the port your have to add your localhost and above port as proxy to your connection. look at the example below.

public static void main(String[] args) { 
 HttpHost proxy = new HttpHost("localhost", 8888);
 HttpClients wf_client = HttpClients.custom().setProxy(proxy).build();
 HttpGet get_request = new HttpGet(base_url);
 try {
  HttpResponse login_responce = wf_client.execute(get_request);  
 }catch (IOException e) {
  System.out.println(e);
 } 
}

Step - 8:If you sending just http requests now your fiddler works fine and you can see the sending and receiving requests and the details of those. But if you are sending https requests now your program shows this run-time error.


Unexpected errorjavax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target


Step - 9: To get rid from this exception go to 'Tools' -> 'Fiddler Options' -> 'Https' tab and click Export 'Root Certificate ti Desktop'


Step - 10: Now we have to install the exported certificate to JAVA. for that open 'command prompt' as administrator and run below command


C:\Windows\system32>keytool.exe -import -file [path the exported file] -keyst
ore [name for keystre] -alias [alias name for certificate]

As a example, In my PC command is like this

C:\Windows\system32>keytool.exe -import -file C:\Users\nayanaa\Desktop\FiddlerRoot.cer -keyst
ore FiddlerKeystore -alias Fiddler

Step - 11: Then the system will ask you to enter a password to access certificate. Please enter a whatever a password and confirm the password. Please be careful to remember entered password.


Step - 12: Then the system will ask are you trusting this certificate. enter 'Y' and press enter. Then it will show "certificate added successfully" message.


Step - 13:  Then go yo your 'Java Home' -> Jre[x] ->bin. There you can see a file named FiddlerKeystore. move that file to 'Java Home' ->  Jre[x] -> lib ->security


Step - 14:  Now you installed the certificate to use Fiddler as a proxy server for https requests. Simply now you can send https requests trough fiddler. for this you have to add two lines to your program to speciify truestore and truestore password. Here you have to specify the path to FiddlerKeystore file in  'Java Home' ->  Jre[x] -> lib ->security and the password you enter while installing the certificate.


public static void main(String[] args) { 
 System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files (x86)\\Java\\jre7\\lib\\security\\FiddlerKeystore");
 System.setProperty("javax.net.ssl.trustStorePassword", "my#password");
 HttpHost proxy = new HttpHost("localhost", 8888);
 HttpClients wf_client = HttpClients.custom().setProxy(proxy).build();
 HttpGet get_request = new HttpGet(base_url);
 try {
  HttpResponse login_responce = wf_client.execute(get_request);  
 }catch (IOException e) {
  System.out.println(e);
 } 
}

Step - 15: Now everything completed. you can track and record all the http and https traffic sending by eclipse.

13 comments:

  1. I am still getting the same exception.

    Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.S
    unCertPathBuilderException: unable to find valid certification path to requested target

    ReplyDelete
  2. I am also getting the same error as Rajper even after following these instructions.

    ReplyDelete
  3. Everything works except I can't find FiddlerKeystore after it was added in JAVA_HOME

    ReplyDelete
    Replies
    1. In the above example -keystore FiddlerRoot is missing, add it. The FiddlerRoot file will be generated in the folder you run the command.

      Then add the following to eclipse / run / run configuration / vm



      -DproxySet=true
      -DproxyHost=127.0.0.1
      -DproxyPort=8888
      -Djavax.net.ssl.trustStore="C:\docs\certificates\FiddlerKeystore"
      -Djavax.net.ssl.trustStorePassword=****

      Delete
  4. Excellent post!!!. The strategy you have posted on this technology helped me to get into the next level and had lot of information in it.
    cloud computing training in chennai | cloud computing courses in chennai

    ReplyDelete
  5. This comment has been removed by the author.

    ReplyDelete
  6. I have been able to capture HTTPS traffic in Fiddler from Java when using URLConnection and Apache httpclient. But what ever I have tried I am not successful at capturing HTTPS traffic when using Jetty HttpClient. Anyone know how I can capture HTTPS traffic from Java while using Jetty HttpClient?

    ReplyDelete
  7. I have been able to capture HTTPS traffic in Fiddler from Java when using URLConnection and Apache httpclient. But what ever I have tried I am not successful at capturing HTTPS traffic when using Jetty HttpClient from Java. Anyone know how I can capture HTTPS traffic from Java while using Jetty HttpClient?

    ReplyDelete
  8. I have read your blog its very attractive and impressive. I like it your blog.

    Java Training in Chennai Core Java Training in Chennai Core Java Training in Chennai

    Java Online Training Java Online Training Core Java 8 Training in Chennai Core java 8 online training JavaEE Training in Chennai Java EE Training in Chennai

    ReplyDelete

  9. Thank you sharing the excellent post about JAVA programming. you helped me to gain more information on the JAVA language.

    Java Training in Chennai |
    Java Course in Chennai

    ReplyDelete