Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[Q] MS Store doesn't work via Fiddler proxy

OP niglush

26th February 2014, 02:58 AM   |  #1  
OP Junior Member
Thanks Meter: 0
 
1 posts
Join Date:Joined: Jan 2011
I am trying to use Fiddler proxy for my Windows Phone 8 device. It works for almost everything (like Internet browsing, ActiveSync, Calendar and most of the apps) but it fails to work with the Store. I can see in the Fiddler's trace log that every time I try to install or update an app, the tunnel to login.live.com:443 gets opened correctly and nothing else happens after that. And the phone shows an error message "MS account service is unavailable right now"

Fiddler's Root certificate is installed on the phone. Fiddle is not complaining about client certificate, as it sometimes does. Turning proxy off for the WiFi connection brings everything back to normal.
27th February 2014, 11:55 AM   |  #2  
Recognized Developer
Flag Seattle
Thanks Meter: 2,773
 
5,823 posts
Join Date:Joined: Jan 2011
More
Browsing the store works over a proxy, but the actual app download process (or possibly the license check process, or maybe both) is certificate-pinned. You can't MitM it without Microsoft's cert. (This has been known for months, if you read the threads about using a proxy with the store they all say you have to turn it off before hitting Install).
7th March 2014, 07:33 PM   |  #3  
Junior Member
Thanks Meter: 0
 
4 posts
Join Date:Joined: Mar 2014
Quote:
Originally Posted by GoodDayToDie

Browsing the store works over a proxy, but the actual app download process (or possibly the license check process, or maybe both) is certificate-pinned. You can't MitM it without Microsoft's cert. (This has been known for months, if you read the threads about using a proxy with the store they all say you have to turn it off before hitting Install).


Tried doing a search you couldn't link me a few of the post on this could you please?
7th March 2014, 08:11 PM   |  #4  
Senior Member
Thanks Meter: 25
 
122 posts
Join Date:Joined: May 2011
There's nothing to search for. He told you why it doesn't work. There's no way around it... Use the proxy to enable the download button for unavailable apps, but turn it off right before you tap download.
8th March 2014, 04:26 AM   |  #5  
Recognized Developer
Flag Seattle
Thanks Meter: 2,773
 
5,823 posts
Join Date:Joined: Jan 2011
More
Yeah, you're not going to find actual details of the certificate pinning, as it's not documented by Microsoft. We only know about it from observing the phone's behavior.

I suppose we could reverse engineer the code to get more details, but that seems like a waste of time.
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes