Control TLS server_name when Host remapping

1 posts, 0 answers
  1. Jason
    Jason avatar
    1 posts
    Member since:
    Jul 2016

    Posted 14 Jul Link to this post

    Hi,

    Using Fiddler v4.6.2.30081 on Windows 10 x64 I am using the Composer's Raw tab to make a request:

    ---
    GET https://www.example.com/ HTTP/1.1
    Host: www.example.com
    ---

    Am I also using Fiddler Host Remapping to use a different origin for www.example.com, eg:

    ---
    an-alternative-origin.com  www.example.com
    ---

    When Fiddler makes the request, the TLS handshake to my-alternative-origin.com sends the SNI server name value of "an-alternative-origin.com" and then sends the HTTP request with Host value "www.example.com".

    Many web servers consider it a protocol violation if the HTTP Host request header value does not match the SNI server name used during the TLS handshake. In my scenario, the origin is running such a web server and the response is a HTTP 403 Forbidden with a HTML response body describing the mismatch between the HTTP Host and TLS SNI hostnames. Other web servers respond with a HTTP 400 Bad Request. I do not control this origin.

    I need Fiddler to use the value from the Host request header, "www.example.com", as the SNI server name during the TLS handshake to the origin. How can I instruct Fiddler to override the SNI server name? That is, a Fiddler equivalent to the `-servername` argument that `openssl s_client` accepts.

    Regards,

    Jason

Back to Top