Android Question Hide my info from the fiddler program

[Lucas Eduardo]

Hi community,
I am studying a way to hide my information from being shown in the Fiddler Program, but I did not succeed.
I was reading in the stackoverflow forum and I came across a post similar to my doubt. In it is placed a code that prevents you from using Proxy while you are using your application, Would it have How to use that some code in b4a??

https://stackoverflow.com/questions/42602832/hide-https-traffic-made-by-my-application-from-fiddler


code > "HttpWebRequest.DefaultWebProxy = new WebProxy();"

 

[OliverA]

Use SSL. Only accept trusted SSL certificates. For Fiddler's man in the middle to work with SSL your application has to blindly trust all SSL certificates.

 

[Lucas Eduardo]

I would like to ban any proxy change, I get error in android smaller than 5 when I use SSL, my SSL is verified and correct green stamp but still giving the same error.

 

[OliverA]

still giving the same error.

What error?

 

[Lucas Eduardo]

javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

I do not like using hc.InitializeAcceptAll ("hc") because it shows my information

 

[OliverA]

I do not like using hc.InitializeAcceptAll ("hc") because it shows my information

You should not. This is only for extreme cases, cases where you accept the risks that come with accepting all certificates. The problem most likely is that you are using a CA that was unknown to older versions of Android. If these older versions of Android are important to you, then you need to get an SSL certificate from a CA that is known to the older Android versions. Another approach is described in the Android documentation here: https://developer.android.com/training/articles/security-ssl.html#CommonProblems