Search code examples
javamavenfiddlercapturekeytool

Maven: How to capture HTTPS traffic through Fiddler

The challenge: Capturing maven requests to package repository

Issues:

  • Fiddler has a certificate that needs to be added to Java Home
  • Proxy has to be added to settings.xml
Solution

  • Settings.xml in the .m2 folder needs to be configured with proxy against fiddler

    <proxies>
    <proxy>
        <id>http</id>
        <active>true</active>
        <protocol>http</protocol>
        <username/>
        <password/>
        <host>localhost</host>
        <port>8888</port>
    </proxy>
    <proxy>
        <id>https</id>
        <active>true</active>
        <protocol>https</protocol>
        <username/>
        <password/>
        <host>localhost</host>
        <port>8888</port>
    </proxy>
</proxies>

    The Fiddler certificate needs to be exported and added to jssecacerts in JAVA_HOME ($JAVA_HOME\jre\lib\security).

    You create the fiddler certificate by using tools --> options -> https --> actions --> Export Root certificate to Desktop

    Command to run (must be changed according to JAVA_HOME path):

    "C:\Program Files\Java\jdk-11.0.1\bin\keytool" -importcert -file "<Your path to Fiddler certificate>\fiddler root.cert" -keystore "C:\Program Files\Java\jdk-11.0.1\lib\security\jssecacerts" -storepass changeit