Fiddler is not showing HTTPS traffic

fiddlerhttps

I enabled "Decrypt HTTPS traffic" and "Ignore server certificate errors" in Fiddler but the traffic of one website is not being showed.

This is the error that Fiddler is returning:

[Fiddler] The connection to '…' failed. System.Security.SecurityException Failed to negotiate HTTPS
connection with server.fiddler.network.https> HTTPS handshake to
… failed. System.IO.IOException Received an unexpected EOF
or 0 bytes from the transport stream.

I remember that I could ignore this error in Fiddler script, but I really don't remember.

Does anyone know what's going on?

Thanks! =)

Best Answer

What is the site's URL?

It is probably caused by either of these two issues: http://blogs.msdn.com/b/ieinternals/archive/2009/12/08/aes-is-not-a-valid-cipher-for-sslv3.aspx or http://blogs.msdn.com/b/fiddler/archive/2012/03/29/https-request-hangs-.net-application-connection-on-tls-server-name-indicator-warning.aspx

The old workaround is to configure Fiddler to only use SSL3 when talking to the host in question. The newer workaround is to either use Fiddler4 with the latest .NET4.5.2 framework, or if you're using Fiddler 2.5.1, see the "SNI Hack" section of http://www.telerik.com/blogs/what-s-new-in-fiddler-4-5-1

In your OnBeforeRequest event handler, add the following code to fix the issue for certain sites:

if (oSession.HTTPMethodIs("CONNECT") && oSession.HostnameIs("BuggySite.com")) 
{ 
  oSession["https-DropSNIAlerts"] = "yup"; 
  FiddlerApplication.Log.LogString("Legacy compat applied for request to BuggySite.com"); 
}

Best Answer

Related Solutions

Are HTTPS URLs encrypted

Filter Fiddler traffic

Related Topic