How to track your server-server call in Fiddler

Telerik Fiddler is the web developer’s best friend.

It does a wonderful job of telling you why it worked, or not.  Its ability to edit and replay some requests is wonderful.  That, with Advanced REST Client, both help you accomplish your day to day job.

It tracks everything.
Almost.
Sometimes, you need to track server-to-server requests.  Example, if your app calls your back-end api, and then, your server needs to call Mandrill API to send an email to your customer.

By default, Fiddler is not tracking that request, that goes out from your server-side app. But, there’s a solution.

In fact, Fiddler track all web traffic generated by “you”, the user currently logged, and who started the fiddler app.

Now, knowing that, all you need to do, is make your IIS Pool run at your name.

By default, IIS uses “ApplicationPoolIdentity” user, it’s a kind of virtual user generated by the web engine, to run the app.  Each pool have its own username.

But, you can change it to something else.

Open IIS.  Go to the Application Pools section. Choose your app pool, then open Advanced Settings / Identity.  Click the dots, choose Custom account, enter your credentials, and you’re done!

Now, your outgoing server-side calls from your back-end can be tracked in Fiddler!

How to setup Free SSL / HTTPS in EC2 IIS

More and more, all sites are running over HTTPS / SSL.  I personnally think that, in the near future, port 80 / http will die, and all pages will be served in SSL.

One reason for that, is the work done by the “Let’s Encrypt” team.
Look at their sponsors, it’s all the major names of the industry.  And, beginning January 2018, they will also offer free “wildcard” certificates!

So, i’ll explain you how to configure that ssl certificate on your Windows EC2 server running IIS.

The LetEncrypt protocole can be a little difficult to setup.  But, one person did a tool that make ssl certification very easy.

That tool is called “letsencrypt-win-simple“, (now win-acme)hosted on github.

First, you need to configure your site in IIS in standard http.  (look at others chapters to configure IIS and get a fixed IP).

Then, download letsencrypt-win-simple, open a command prompt in administrator mode.  Start the executable, and it will list all your sites in IIS.  Choose the site you want to secure.  The tool will create a file in your site root folder, some communications will be done between your server and the letsencrypt api.  Your site needs to be reachable from its public IP and domain name.

Then, that’s all, the certificate is added to IIS, and the binding is also linked to your site.

These free certificates are valid for 2 months, but the letsencrypt-win-simple app auto-add itself to your “windows task manager”, and it’s running every day to automatically renew all your expired certificates.  So, you don’t need to re-run that procedure, everything is automated and works very fine.

I suggest run that on an empty site (with a simple empty default.aspx / index.htm page), before installing WordPress, because you want to configure your wordpress in https.  It can be hard to move from http to https in wordpress after the initial setup, if you have some content that includes your absolute url with “http://” hard-coded url.