
Can't get TcpCatcher to capture SSL traffic


I am trying to use TcpCatcher to capture & decrypt my Gmail SSL traffic and it's not working for me.

In Tunnel SSL mode nothing is being captured and the page renders fine. The Firefox add-on seems to set the regular HTTP proxy only.

Below are my TcpCatcher & Firefox settings. In the Monitor SSL mode I either get a "The connection was reset" or a "The proxy server is refusing connections" error. I managed to get it to work in Transparent Proxy mode where I modify the hosts file. I am trying to get the non-transparent mode to work. I never get the untrusted cert page as mentioned in this tutorial.

Is there a setting not set properly?

(Note: if you know of other free sniffers which decrypt SSL traffic I can take a look at them. Other than Fiddler. I don't think Wireshark decrypts SSL.)



Solution

  • Works like a charm for me:

    • In TcpCatcher Settings: choose the default Monitor SSL mode, "runtime certificates" (certificates are then generated on the fly).

    • In your Firefox connection settings: choose Manual proxy settings; HTTP proxy: localhost and port: 8201 (must match TcpCatcher's main port). Check "Use this proxy server for all protocols". (I use the TcpCatcher Firefox plugin; that's actually what it does for you.)

    • In Firefox, import the TcpCatcher Root Certificate in order to get rid of warnings telling you that certificates are not trusted: Encryption | View Certificates | Authorities | Import

    The TcpCatcher option you checked ("static certificate") is actually meant to use TcpCatcher like a transparent proxy, which means you are not supposed to set any proxy at Firefox level but a DNS trick. More explanations in this tutorial.
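
To tell the two Monitor SSL errors from the question apart, you can send the proxy port the same kind of CONNECT request a browser sends when HTTPS goes through an HTTP proxy. This is an added example, not part of the original answer or TcpCatcher's own code; `probe_connect` and the target host are illustrative assumptions, and 8201 is the main port given in the answer.

```python
import socket


def probe_connect(proxy_host, proxy_port, target="mail.google.com:443", timeout=3.0):
    """Send an HTTP CONNECT to a local proxy and classify what comes back."""
    try:
        sock = socket.create_connection((proxy_host, proxy_port), timeout=timeout)
    except ConnectionRefusedError:
        # Nothing is listening on that port: check the proxy's main port setting.
        return "refused"
    except OSError:
        # Timeout, unresolvable host name, or another socket-level failure.
        return "unreachable"

    data = b""
    with sock:
        request = f"CONNECT {target} HTTP/1.1\r\nHost: {target}\r\n\r\n"
        try:
            sock.sendall(request.encode("ascii"))
            # Read until the status line is complete (or the peer closes).
            while b"\r\n" not in data and len(data) < 4096:
                chunk = sock.recv(1024)
                if not chunk:
                    break
                data += chunk
        except ConnectionResetError:
            # The listener accepted the socket but dropped it on CONNECT.
            return "reset"
        except OSError:
            return "no-response"

    if not data:
        return "closed"
    status_line = data.split(b"\r\n", 1)[0].decode("latin-1")
    parts = status_line.split()
    if len(parts) >= 2 and parts[0].startswith("HTTP/") and parts[1] == "200":
        # The proxy agreed to tunnel; the TLS handshake would start next.
        return "tunnel-ok"
    return "rejected: " + status_line


if __name__ == "__main__":
    # Assumed setup: the proxy runs on this machine with main port 8201.
    print(probe_connect("localhost", 8201))
```

A result of `tunnel-ok` means the proxy accepts CONNECT on that port, so any remaining browser warning concerns certificate trust rather than the proxy settings.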