Hello, I'm not sure whether this is a bug or something else, when Fiddler is capturing traffic and HTTPS decryption is on I cannot browse https://archive.org/
I get the error message "The connection to the server was reset while the page was loading." in Firefox. Same thing in Chrome, error code ERR_CONNECTION_RESET.
As soon as I turn off either HTTPS decryption or traffic capture in Fiddler I can browse the site again.
Any idea what might be the problem? I can browse other https websites fine, for instance https://www.httpsnow.org/ and https://google.com/
I get the error message "The connection to the server was reset while the page was loading." in Firefox. Same thing in Chrome, error code ERR_CONNECTION_RESET.
As soon as I turn off either HTTPS decryption or traffic capture in Fiddler I can browse the site again.
Any idea what might be the problem? I can browse other https websites fine, for instance https://www.httpsnow.org/ and https://google.com/
1 Answer, 1 is accepted
0
EricLaw
Top achievements
Rank 1
Rank 1
answered on 21 Feb 2014, 02:50 PM
If you look at the response inspector for the CONNECT tunnel, you'll see the text:
"fiddler.network.https> Failed to secure existing connection for archive.org. A call to SSPI failed, see inner exception. InnerException: System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm"
Googling that turns up the explanation of the server's bug and the workaround in Fiddler: http://blogs.msdn.com/b/ieinternals/archive/2009/12/08/aes-is-not-a-valid-cipher-for-sslv3.aspx
Summary: The server attempted to send a ServerHello in v3.0 format but used a cipher only defined in v3.1: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
"fiddler.network.https> Failed to secure existing connection for archive.org. A call to SSPI failed, see inner exception. InnerException: System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm"
Googling that turns up the explanation of the server's bug and the workaround in Fiddler: http://blogs.msdn.com/b/ieinternals/archive/2009/12/08/aes-is-not-a-valid-cipher-for-sslv3.aspx
Summary: The server attempted to send a ServerHello in v3.0 format but used a cipher only defined in v3.1: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)