Can't browse archive.org while Fiddler HTTPS decryption is on

2 posts, 0 answers
  1. Leo
    Leo avatar
    1 posts
    Member since:
    Feb 2014

    Posted 19 Feb 2014 Link to this post

    Hello, I'm not sure whether this is a bug or something else, when Fiddler is capturing traffic and HTTPS decryption is on I cannot browse https://archive.org/

    I get the error message "The connection to the server was reset while the page was loading." in Firefox. Same thing in Chrome, error code ERR_CONNECTION_RESET.

    As soon as I turn off either HTTPS decryption or traffic capture in Fiddler I can browse the site again.

    Any idea what might be the problem? I can browse other https websites fine, for instance https://www.httpsnow.org/ and https://google.com/

  2. EricLaw
    EricLaw avatar
    67 posts
    Member since:
    Oct 2012

    Posted 21 Feb 2014 in reply to Leo Link to this post

    If you look at the response inspector for the CONNECT tunnel, you'll see the text:
    "fiddler.network.https> Failed to secure existing connection for archive.org. A call to SSPI failed, see inner exception. InnerException: System.ComponentModel.Win32Exception: The client and server cannot communicate, because they do not possess a common algorithm"

    Googling that turns up the explanation of the server's bug and the workaround in Fiddler: http://blogs.msdn.com/b/ieinternals/archive/2009/12/08/aes-is-not-a-valid-cipher-for-sslv3.aspx

    Summary: The server attempted to send a ServerHello in v3.0 format but used a cipher only defined in v3.1: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
Back to Top