How to use Eclipse with Fiddler step by step (for JAVA)

Background:

Eclipse is a nice IDE that popular among JAVA programmers. Recently I have involve with few java base project and that mostly with notwork programming stuff such as HTTP request sending, POST submit, GET request. I used my favorite http/https traffic recording tool "Fiddelr" to use with Eclipse.

So here is the my simple JAVA program that send a http post request to the server. Here I uses Apache HTTPClient (JAVA http implementation) for easy coding.

import java.io.IOException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.HttpResponse;

public class HTTPRequest{

String base_url = "https://destination-server.com";

public static void main(String[] args) { 
 HttpClient wf_client = HttpClients();
 HttpGet get_request = new HttpGet(base_url);
 try {
  HttpResponse login_responce = wf_client.execute(get_request);  
 }catch (IOException e) {
  System.out.println(e);
 } 
}
}

Previously when I work with C++ network programming Visual Studion IDE. I could use Fiddler to capture http and https traffic without any extra configuration. But this time when I compile and run this program in Eclipse, Fiddler does not show any http traffic. So i had to spend few hours to figure out, how to use Eclipse with Fiddler.

Let's try step by step:

Step - 1:  Go to http://www.telerik.com/fiddler and click on [Free Download] button to download Fiddler and install in to your PC.

Step - 2: If you installed Fiddler properly, when you load a web page in your web browser, you can see the http and https traffic in the Fiddler window as below

 Step - 3: Go to Filter tab in the right side of the windows and add filter to show only traffic to your destination host. and click [Action] button to save

 Step - 4: click [Remove all] to clear up all the previous recorded traffic.

Step - 5: Then go in to Eclipse and build and run your program that sending HTTP requests to the remote host. If the Fiddler showing the request, no issue you can continue works. But if the Fiddler doesn't record the requests here is the way to figure-out.

Step - 6: For record the http/http request you have to send the request trough the Fiddler. So go to 'Tools' -> Fiddler Option -> 'Connection' tab and check the port specify there.

Step - 7: So here is my case, it's automatically configured to port 8888. After identifying the port your have to add your localhost and above port as proxy to your connection. look at the example below.

public static void main(String[] args) { 
 HttpHost proxy = new HttpHost("localhost", 8888);
 HttpClients wf_client = HttpClients.custom().setProxy(proxy).build();
 HttpGet get_request = new HttpGet(base_url);
 try {
  HttpResponse login_responce = wf_client.execute(get_request);  
 }catch (IOException e) {
  System.out.println(e);
 } 
}

Step - 8:If you sending just http requests now your fiddler works fine and you can see the sending and receiving requests and the details of those. But if you are sending https requests now your program shows this run-time error.

Unexpected errorjavax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Step - 9: To get rid from this exception go to 'Tools' -> 'Fiddler Options' -> 'Https' tab and click Export 'Root Certificate ti Desktop'

Step - 10: Now we have to install the exported certificate to JAVA. for that open 'command prompt' as administrator and run below command

C:\Windows\system32>keytool.exe -import -file [path the exported file] -keyst
ore [name for keystre] -alias [alias name for certificate]

As a example, In my PC command is like this

C:\Windows\system32>keytool.exe -import -file C:\Users\nayanaa\Desktop\FiddlerRoot.cer -keyst
ore FiddlerKeystore -alias Fiddler

Step - 11: Then the system will ask you to enter a password to access certificate. Please enter a whatever a password and confirm the password. Please be careful to remember entered password.

Step - 12: Then the system will ask are you trusting this certificate. enter 'Y' and press enter. Then it will show "certificate added successfully" message.

Step - 13:  Then go yo your 'Java Home' -> Jre[x] ->bin. There you can see a file named FiddlerKeystore. move that file to 'Java Home' ->  Jre[x] -> lib ->security

Step - 14:  Now you installed the certificate to use Fiddler as a proxy server for https requests. Simply now you can send https requests trough fiddler. for this you have to add two lines to your program to speciify truestore and truestore password. Here you have to specify the path to FiddlerKeystore file in  'Java Home' ->  Jre[x] -> lib ->security and the password you enter while installing the certificate.

public static void main(String[] args) { 
 System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files (x86)\\Java\\jre7\\lib\\security\\FiddlerKeystore");
 System.setProperty("javax.net.ssl.trustStorePassword", "my#password");
 HttpHost proxy = new HttpHost("localhost", 8888);
 HttpClients wf_client = HttpClients.custom().setProxy(proxy).build();
 HttpGet get_request = new HttpGet(base_url);
 try {
  HttpResponse login_responce = wf_client.execute(get_request);  
 }catch (IOException e) {
  System.out.println(e);
 } 
}

Step - 15: Now everything completed. you can track and record all the http and https traffic sending by eclipse.