Fiddler HTTPS Debug: SSL Protocols, Ciphers & Digests

2 posts, 0 answers
  1. Vinod Kumar
    Vinod Kumar avatar
    1 posts
    Member since:
    Jan 2015

    Posted 20 Jan 2015 Link to this post

    I was curious on the SSL settings utilized by Fiddler when https debugging is enabled. Is it limited by the Operating System on SSL protocols (SSL vs TLS versions), Ciphers and digest algorithm? Is there an order of preference for each criterion, starting with lets say the highest (something like TLS 1.2+GCM/AES 256 bit+SHA384) ?
  2. Eric Lawrence
    Admin
    Eric Lawrence avatar
    833 posts

    Posted 20 Jan 2015 Link to this post

    Hello, Vinod--

    Fiddler relies upon the .NET Framework's SslStream behavior, which in turn is a wrapper around the Windows SChannel component. There's no way in Fiddler itself to change cipher availability or order, other than to control which SSL/TLS versions are available: http://blogs.telerik.com/fiddler/posts/13-02-11/fiddler-and-modern-tls-versions

    I expect that if you change the SChannel registry keys to configure Windows' overall HTTPS behaviors, those changes would also impact .NET and thus Fiddler.

    Regards,
    Eric Lawrence
    Telerik
     

    Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

     
Back to Top