Problem with capturing tls traffic for some web sites (i assume issue with ciphers - site and fiddler has no overlap)
B
Bober347
started a topic
almost 3 years ago
Hi!
Recently I was trying to connect to https://inlat.am/ site with "Decrypt SSL traffic" option set in fiddler to my genuine surprise i couldn't even connect to site.
I am using chrome 87.0.4280.88 64bit and fiddler Version : 1.3.0
Without "Decrypt SSL traffic" option set in Fiddler - chrome works fine.
My question is how to fix the problem with ciphers.
In my opinion you should somehow add it in Fiddler.
Best Answer
B
Bober347
said
almost 3 years ago
Hi there. The ticket can be closed - the problem - windows 7 doesn't supports tsl1.3 and there is no way around it (only installing newer versions like windows 10). So fiddler is ok it not fiddler issue.
For the sake of having more visibility I am posting the solution used by the user that was published in identical thread:
... have an option to bypass the proxy when certificate pinning is being used. That's actually what I ended up doing, putting the telemetry url in the bypass list. Does the trick. I figured that out after I had posted.
B
Bober347
said
almost 3 years ago
In chrome there is no certificate pinning so it is not my case - and I want to see traffic in and out of this site https://inlat.am/
B
Bober347
said
almost 3 years ago
Answer
Hi there. The ticket can be closed - the problem - windows 7 doesn't supports tsl1.3 and there is no way around it (only installing newer versions like windows 10). So fiddler is ok it not fiddler issue.
Bober347
Hi!
Recently I was trying to connect to https://inlat.am/ site with "Decrypt SSL traffic" option set in fiddler to my genuine surprise i couldn't even connect to site.
I am using chrome 87.0.4280.88 64bit and fiddler Version : 1.3.0
Without "Decrypt SSL traffic" option set in Fiddler - chrome works fine.
So i decided to investigate what actually happen.
I run to https://www.ssllabs.com/ site to check supported ciphers - here you can check it https://www.ssllabs.com/ssltest/analyze.html?d=inlat.am&s=18.159.255.107
# TLS 1.3 (suites in server-preferred order)
# TLS 1.2 (suites in server-preferred order)
and tried to reproduce the issue with wirshark on.
In wire shark i can see that there is no ciphers supported by https://inlat.am/ site
Cipher Suites (24 suites)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
Now i know what the issue is about.
My question is how to fix the problem with ciphers.
In my opinion you should somehow add it in Fiddler.
Hi there. The ticket can be closed - the problem - windows 7 doesn't supports tsl1.3 and there is no way around it (only installing newer versions like windows 10). So fiddler is ok it not fiddler issue.
- Oldest First
- Popular
- Newest First
Sorted by Oldest FirstNick Iliev
ADMINHey there,
For the sake of having more visibility I am posting the solution used by the user that was published in identical thread:
... have an option to bypass the proxy when certificate pinning is being used. That's actually what I ended up doing, putting the telemetry url in the bypass list. Does the trick. I figured that out after I had posted.
Bober347
In chrome there is no certificate pinning so it is not my case - and I want to see traffic in and out of this site https://inlat.am/
Bober347
Hi there. The ticket can be closed - the problem - windows 7 doesn't supports tsl1.3 and there is no way around it (only installing newer versions like windows 10). So fiddler is ok it not fiddler issue.
-
Localhost monitoring from daemon
-
Using Fiddler inside Windows Sandbox
-
Advanced Filters
-
System Requirements for Windows Server 2008 SP2
-
Creating account not working - Network Error
-
Fiddler Everywhere not capturing, says filters are active
-
Fiddler Everywhere: capture HTTPS only for specific URIs
-
root certificate removal
-
request body is truncated at 3000 characters.
-
Copying unicode correctly
See all 99 topics