so I followed the Guides so far, Installed the Cert to my IOS Device (as user Profile and trusted it)
However, every URL I open in the Browser nor App tells me:
ERR_SSL_VERSION_OR_CIPER_MISSMATCH.
Is there any step I missed?
1 Answer, 1 is accepted
0
Nick Iliev
Telerik team
answered on 03 Mar 2023, 07:53 AM
Hello Robert,
The error indicates that the browser can't complete the handshake because there is something wrong with the TLS version, the certificate, or the used TLS cipher. Older OS systems are also using obsolete TLS versions, which are no longer supported by iOS, so if your Fiddler host runs on such OS (like Windows 7), it might be trying to use TLS 1.1 and, as a result, your iOS browse will fail to complete the handshake when the proxy stands in the middle. The first thing to ensure is that you are not using OS, which prevents the usage of the modern-day TLS version (especially TLS 1.2). An unsupported cipher is a corner case that can happen with the specific application but should not cause an issue with all URLs in mobile browsers, so that is unlikely the cause.
Here are some other suggestions on what you could try to resolve the issue:
Fiddler Classic can explicitly use a specific set of TLS versions. If your issue is specifically related to FIddler Classic, do the following: - Stop Fiddler Everywhere and Fiddler Classic. - Open Fiddler Classic, go to Tools > Options > HTTPS > Protocols, and ensure that the following options are available:
<client>;ssl3;tls1.0;tls1.1;tls1.2
- From the same menu (Fiddler Classic > Tools > Options > HTTPS ) use Actions > Reset All Certificates.
- From Fiddler Classic > Tools > Options > Connections ) enable Allow remote computers to connect and then restart the application.
- Enable the Fiddler proxy on the iOS WiFi network and reinstall + enable full trust for the Fiddler certificate (iOS device > Settings > General > About > Certificate Trust Settings). Note that enabling full trust is a crucial step that otherwise will prevent the proper capturing of HTTPS sites.
- Finally, open your mobile browser and try to load the following page to test your connection to the Fiddler proxy:
https://example.com
Note that the above should not happen with Fiddler Everywhere (and if the Windows OS used for the Fiddler Host is Windows 8.1 or newer) as it uses TLS 1.2 by design. You can try the following:
- Stop Fiddler Classic and Fiddler Everywhere (to clean up the OS proxy settings).
- Start Fiddler Everywhere and ensure you have enabled Settings > Connection > Allow remote computers to connect.
- Use Settings > HTTPS > Advanced > Reset Certificates to reset your root certificates.
- On your iOS device > reinstall Fiddler Everywhere as a manual proxy (note that the port is 8866 and differs from the Fiddler Classic port).
- Finally, open your mobile browser and try to load the following page to test your connection to the Fiddler proxy:
https://example.com
I hope the above information helps you identify the issue, but please do not hesitate to contact us and provide more insights if the problem persists.
Regards,
Nick Iliev
Progress Telerik
Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.