Fiddler cannot automatically match certificates, after updating Edge browser to version 124.0.2478.51

Fiddler Classic
chen asked on 22 Apr 2024, 09:00 AM

After updating the Edge browser to version 124.0.2478.51, when I access a website I get "Your connection is not private".

I have configured Windows to trust Fiddler's root certificate.

I set Fiddler "!listen 8889 *.acs.org" and set "fiddler.network.https.SetCNFromSNI true". It worked well before updating the Edge browser.

After updating Edge, when I access pubs.acs.org it is OK,

but when I access pubs.rsc.org I get "Your connection is not private".

I think this is because something makes Fiddler unable to automatically match certificates.

Please help me fix it, thanks so much!
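When a client reaches the proxy without a CONNECT request, as in the routed setup described in this thread, a certificate name derived from SNI depends on the proxy reading the whole TLS ClientHello. The Python sketch below is an added example, not Fiddler's code and not posted by anyone in the thread: it extracts SNI from a constructed ClientHello and shows that a hello larger than one TCP read yields no name until the full record has been buffered. The helper names, the padding-extension sample and the 1460-byte read size are assumptions, and the hello is assumed to fit in a single TLS record.

```python
import struct

class NeedMoreData(Exception):
    """The buffer ends before the TLS record does: keep reading, never guess."""

def u16(b, i):
    return int.from_bytes(b[i:i + 2], "big")

def extract_sni(buf):
    """Return the SNI host name of a ClientHello, or None if it carries none."""
    if buf[:1] not in (b"", b"\x16"):
        raise ValueError("not a TLS handshake record")
    if len(buf) < 5 or len(buf) < 5 + u16(buf, 3):
        raise NeedMoreData("ClientHello is not complete yet")
    hs = buf[5:5 + u16(buf, 3)]
    if hs[:1] != b"\x01":
        raise ValueError("handshake message is not a ClientHello")
    p = 4 + 2 + 32            # handshake header, client_version, random
    p += 1 + hs[p]            # session_id
    p += 2 + u16(hs, p)       # cipher_suites
    p += 1 + hs[p]            # compression_methods
    p, end = p + 2, p + 2 + u16(hs, p)   # first extension, end of extensions
    while p + 4 <= end:
        ext_type, ext_len = u16(hs, p), u16(hs, p + 2)
        if ext_type == 0:     # server_name: list_len(2) type(1) len(2) name
            return hs[p + 9:p + 9 + u16(hs, p + 7)].decode("ascii")
        p += 4 + ext_len
    return None

def build_client_hello(host, pad=0):
    """Constructed sample: a padding extension of `pad` bytes, then SNI."""
    name = host.encode("ascii")
    sni = struct.pack("!HHHBH", 0, len(name) + 5, len(name) + 3, 0, len(name)) + name
    exts = struct.pack("!HH", 21, pad) + bytes(pad) + sni
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

def sni_from_reads(reads):
    """Accumulate successive socket reads; return (sni, reads_consumed)."""
    buf = b""
    for count, chunk in enumerate(reads, 1):
        buf += chunk
        try:
            return extract_sni(buf), count
        except NeedMoreData:
            continue
    raise NeedMoreData("stream ended inside the ClientHello")
```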

 

4 Answers, 1 is accepted

0
Nick Iliev
Telerik team
answered on 22 Apr 2024, 10:12 AM

Hi Chen,

 

We were not able to reproduce the issue on our side, and the listed endpoint was captured and decrypted successfully with the latest versions of Edge and Fiddler Classic.

Try to reset your Fiddler certificates fully and ensure you have enabled support for newer versions of TLS by adding the following values to Tools > Options > HTTPS > Protocols.

<client>;ssl3;tls1.0;tls1.1;tls1.2

So that your settings look similar to these:

Additionally, ensure that you have the latest version of the Fiddler Classic application from the 27th of March, 2024.

 

Regards,
Nick Iliev
Progress Telerik

chen
commented on 22 Apr 2024, 01:48 PM | edited

You can try configuring Fiddler on a different computer, and then setting the system proxy on your local computer to the computer where Fiddler is located, and you should be able to reproduce the certificate issue I mentioned. On top of the certificate that has been imported to a trusted root certification authority.

Thanks!

Sorry, it doesn't work. I will still retry to reproduce the certificate issue!

0
chen
answered on 22 Apr 2024, 10:55 AM
Thank you for your reply. I am in this situation because I use Fiddler as a transparent proxy for my users, and I do policy routing in the firewall to forward the data of the specified website to the Fiddler server, so this situation occurs. My guess is that Edge created a tunnel before accessing the specified website, but the created tunnel was not forwarded to Fiddler.
Nick Iliev
Telerik team
commented on 23 Apr 2024, 05:47 AM

We are unable to simulate the firewall and routing configurations that you have on your system. Therefore, any additional information or details you could provide would be greatly appreciated to help us investigate the issue further.

However, since Edge is a browser that is based on Chromium and automatically adheres to the system proxy settings, it is likely that you may encounter the same problem while using other Chromium-based browsers such as Brave or Google Chrome. Is that the case, or are you experiencing the issue only with the latest version of Microsoft Edge? It's a shot in the dark, but perhaps, you need to update the firewall rule related to the Edge processes and their names.

chen
commented on 24 Apr 2024, 03:52 AM

I have described how to reproduce this question in the answer below. Please take a look, thank you!
0
chen
answered on 24 Apr 2024, 03:50 AM

Thank you for your reply.

I have tested some settings to try to reproduce this issue. If you set the Fiddler server as a system agent, there will be no problem and it can be accessed normally. If you only want some network access to pass through Fiddler, this situation will occur. The following is a method to reproduce this problem:

I use the Proxifier software to achieve network access to the Edge browser through the Fiddler server.

First, configure the Fiddler proxy server information in the Proxifier, and then set the proxy rules to allow network access to the Edge browser through the Fiddler server.

 

At this point, you can see through Proxifier that the access of the Edge browser has been directed to the Fiddler server, and then you will receive a certificate error warning when visiting any HTTPS protocol website.

With the same settings, if you are using the Firefox browser, this issue will not occur.

 

 

 

You can see that the certificate information in Edge is incorrect, while in Firefox it is correct. I can only temporarily let my users use the Firefox browser. I still hope to solve this problem so that they can freely use any browser. Looking forward to your reply, thank you!

 

Nick Iliev
Telerik team
commented on 25 Apr 2024, 07:17 AM

Due to security policies, we cannot use the Proxifier tool within our internal network and cannot test the scenario you described. We are also not affiliated with the Proxifier tool and can't guarantee that the Fiddler Classic application will work as expected, with the Proxifier handling the CONNECT tunnels and all other proxy-related logic.

Note that Fiddler Classic works correctly alongside the latest version of Edge when directly set as a system proxy. That points out that the issue is related to the rules created in Proxifier or to the core Proxifier logic for creating proxy tunnels.

chen
commented on 25 Apr 2024, 09:30 AM

Although you are unable to use the Proxifier software, from my screenshot you should see that the same settings for Firefox browser and Edge browser result in completely different outcomes. Mainly due to the addition of certain security policies after updating to the latest version of Edge browser, but I am not sure which specific security policies are involved.

If the Fiddler server is set as a system proxy, it can solve the problem of certificate errors, but in this way, the Fiddler server will have to load all network access for all users. Apart from using the Proxifier software, is there a suitable way to only point access to specified websites to the Fiddler server?

Nick Iliev
Telerik team
commented on 25 Apr 2024, 10:20 AM

 

You can bypass specific endpoints through the Fiddler application (through the Tools > Connections > Bypass URLs .. option) so they do not go through the proxy. However, that option works the other way around (to what you need)—it does not direct specific endpoints to use the Fiddler proxy. Instead, it instructs requests to specific endpoints/domains to bypass the proxy and use the upstream directly.

Another similar option is to use FiddlerScript and drop all connections based on specific criteria. You could use the onBeforeRequest event as discussed here. This will again mean that all matched traffic will be entirely dropped while the Fiddler proxy works (and not the other way around).

 

0
chen
answered on 27 Apr 2024, 03:59 AM

When I was checking the Fiddler logs, I found a lot of error messages, as shown in the image below.

 

This information indicates that an error occurred while processing the certificate, which is probably why I am getting a certificate error warning using the Edge browser. How can I query for further error information and fix it?
