FORUMS

[Q] MS Store doesn't work via Fiddler proxy

1 posts
Thanks Meter: 0
 
By niglush, Junior Member on 26th February 2014, 01:58 AM
Post Reply Subscribe to Thread Email Thread
I am trying to use Fiddler proxy for my Windows Phone 8 device. It works for almost everything (like Internet browsing, ActiveSync, Calendar and most of the apps) but it fails to work with the Store. I can see in the Fiddler's trace log that every time I try to install or update an app, the tunnel to login.live.com:443 gets opened correctly and nothing else happens after that. And the phone shows an error message "MS account service is unavailable right now"

Fiddler's Root certificate is installed on the phone. Fiddle is not complaining about client certificate, as it sometimes does. Turning proxy off for the WiFi connection brings everything back to normal.
 
 
27th February 2014, 10:55 AM |#2  
Recognized Developer
Flag Seattle
Thanks Meter: 2,869
 
More
Browsing the store works over a proxy, but the actual app download process (or possibly the license check process, or maybe both) is certificate-pinned. You can't MitM it without Microsoft's cert. (This has been known for months, if you read the threads about using a proxy with the store they all say you have to turn it off before hitting Install).
7th March 2014, 06:33 PM |#3  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by GoodDayToDie

Browsing the store works over a proxy, but the actual app download process (or possibly the license check process, or maybe both) is certificate-pinned. You can't MitM it without Microsoft's cert. (This has been known for months, if you read the threads about using a proxy with the store they all say you have to turn it off before hitting Install).


Tried doing a search you couldn't link me a few of the post on this could you please?
7th March 2014, 07:11 PM |#4  
Senior Member
Thanks Meter: 25
 
More
There's nothing to search for. He told you why it doesn't work. There's no way around it... Use the proxy to enable the download button for unavailable apps, but turn it off right before you tap download.
8th March 2014, 03:26 AM |#5  
Recognized Developer
Flag Seattle
Thanks Meter: 2,869
 
More
Yeah, you're not going to find actual details of the certificate pinning, as it's not documented by Microsoft. We only know about it from observing the phone's behavior.

I suppose we could reverse engineer the code to get more details, but that seems like a waste of time.
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes