Hi,
I have been using HTTPS decryption in Fiddler for years, to inspect the traffic to and from my app.
And it has been working perfectly on my iPhone 6 Plus with iOS 12.5.5.
Recently I got an iPhone 11 with iOS 15.1, and find myself completely unable to get it to work 😢
Because I know, that requirements for certificates have been strengthened in recent versions of iOS, I have "reset" the certificate in Fiddler, letting it generate a new root certificate. I have successfully removed the old root certificate from the phones and installed the new Fiddler certificate on the iPhone 6 Plus, following Fiddler's "Capture Traffic from iOS Device" guide, which means installing the certificate, followed by enabling Full Trust for it - and everything works like a charm.
On the iPhone 11, I have also installed the certificate:
and enabled Full Trust for it:
And yet, if I visit a HTTPS site, like e.g. https://google.com/ in Safari, it will warn me that "This Connection Is Not Private", because the Fiddler generated leaf certificate is for some unknown reason considered invalid???
I have unfortunately not been able find any SSL-related apps, or other tools, which could help identify why the certificate is considered invalid.
In the hope that someone here could maybe be able to spot what iOS 15.1 might think wrong with the certificate, I have attached a screenshot of the information shown if I click the "view the certificate" link in the Safari warning page (I was unfortunately not allowed to attach an exported .cer file).
If I can get the problem identified, there should be a fair chance that Fiddler would also fix it 🤞
It looks like some users of Charles proxy might be experiencing a very similar issue:
https://stackoverflow.com/questions/69906780/charles-proxy-network-trace-on-ios-15-1-device-iphone
(FYI. for some sites, Safari gives a different "This Connection Is Not Private" error, where it claims that the site is using deprecated TLS 1.0 or TLS 1.1:
)