Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,771,526 Members 50,172 Now Online
XDA Developers Android and Mobile Development Forum

[Q] MS Store doesn't work via Fiddler proxy

Tip us?
 
niglush
Old
#1  
Junior Member - OP
Thanks Meter 0
Posts: 1
Join Date: Jan 2011
Default [Q] MS Store doesn't work via Fiddler proxy

I am trying to use Fiddler proxy for my Windows Phone 8 device. It works for almost everything (like Internet browsing, ActiveSync, Calendar and most of the apps) but it fails to work with the Store. I can see in the Fiddler's trace log that every time I try to install or update an app, the tunnel to login.live.com:443 gets opened correctly and nothing else happens after that. And the phone shows an error message "MS account service is unavailable right now"

Fiddler's Root certificate is installed on the phone. Fiddle is not complaining about client certificate, as it sometimes does. Turning proxy off for the WiFi connection brings everything back to normal.
 
GoodDayToDie
Old
#2  
Recognized Developer
Thanks Meter 2677
Posts: 5,625
Join Date: Jan 2011
Location: Seattle
Browsing the store works over a proxy, but the actual app download process (or possibly the license check process, or maybe both) is certificate-pinned. You can't MitM it without Microsoft's cert. (This has been known for months, if you read the threads about using a proxy with the store they all say you have to turn it off before hitting Install).
Win8/Windows RT projects:
List of desktop apps for hacked RT devices

WP8 projects:
Native Access WebServer and Libraries
WP8 Interop Unlocks
Storage Cleanup tool

WP7 projects:
XapHandler, Root Webserver, OEM Marketplace XAPs, Bookmarklets collection (Find On Page), Interop-unlock hacks.


Do not private message me with questions that should have been posted on the forum! Not only are you wasting your time - I'm not going to bother writing an answer to such a question for only one person - but I will probably block you from PMing me in the future as well.
 
starkidsc
Old
#3  
Junior Member
Thanks Meter 0
Posts: 4
Join Date: Mar 2014
Quote:
Originally Posted by GoodDayToDie View Post
Browsing the store works over a proxy, but the actual app download process (or possibly the license check process, or maybe both) is certificate-pinned. You can't MitM it without Microsoft's cert. (This has been known for months, if you read the threads about using a proxy with the store they all say you have to turn it off before hitting Install).

Tried doing a search you couldn't link me a few of the post on this could you please?
 
DaviUnic
Old
#4  
Senior Member
Thanks Meter 25
Posts: 122
Join Date: May 2011
There's nothing to search for. He told you why it doesn't work. There's no way around it... Use the proxy to enable the download button for unavailable apps, but turn it off right before you tap download.
 
GoodDayToDie
Old
#5  
Recognized Developer
Thanks Meter 2677
Posts: 5,625
Join Date: Jan 2011
Location: Seattle
Yeah, you're not going to find actual details of the certificate pinning, as it's not documented by Microsoft. We only know about it from observing the phone's behavior.

I suppose we could reverse engineer the code to get more details, but that seems like a waste of time.
Win8/Windows RT projects:
List of desktop apps for hacked RT devices

WP8 projects:
Native Access WebServer and Libraries
WP8 Interop Unlocks
Storage Cleanup tool

WP7 projects:
XapHandler, Root Webserver, OEM Marketplace XAPs, Bookmarklets collection (Find On Page), Interop-unlock hacks.


Do not private message me with questions that should have been posted on the forum! Not only are you wasting your time - I'm not going to bother writing an answer to such a question for only one person - but I will probably block you from PMing me in the future as well.
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes