Telerik Forums / Fiddler
This is a migrated thread and some comments may be shown as answers.

Errors Attempting to Access Website through Fiddler

5 Answers 248 Views
Windows
This is a migrated thread and some comments may be shown as answers.
Matthew
Top achievements
Rank 1
Matthew asked on 29 Nov 2017, 09:21 PM

I have attempted to figure out this problem but cannot determine what the root cause is. Basically, I am receiving a "ReadResponse()failed: The server did not return a complete response for this request. Server returned 0 bytes." message when I perform a basic GET. In the log it shows "fiddler.network.readresponse.failure> Session #9853 raised exception System.IO.IOException The read operation failed, see inner exception. < A call to SSPI failed, see inner exception"

This only started occurring after I updated the Cipher Suites which are supported on the web server. Below are the Cipher Suites that work and the ones that don't. It seems that Fiddler needs a DES option to be available for some reason but even when I remove just one of the ciphers that use DES, the failure occurs.

Working Cipher Suite:

ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS

Non-Working Cipher Suite:

ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS

 

On the web server, I see an error that states "Re-negotiation handshake failed: Not accepted by client!?". I can access the site fine through a web browser and using the first set of cipher suites but cannot with the second. Do you have any idea why removing just one of the DES suites causes this issue? 

5 Answers, 1 is accepted

Sort by
0
Alexander
Telerik team
answered on 07 Dec 2017, 09:11 AM
Hello,

Which cryptographic protocols does your web server support? Also which protocols is Fiddler using (this can be found by going to Tools -> Options -> HTTPS -> Protocols)?

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
0
Matthew
Top achievements
Rank 1
answered on 07 Dec 2017, 02:02 PM
The web server supports TLS 1.1 and TLS 1.2. Fiddler is set to use SSL3, TSL 1.0, TLS 1.1 and TLS 1.2.
0
Alexander
Telerik team
answered on 15 Dec 2017, 03:03 PM
Hi,

Do you get the same result if you create and send the GET using the Composer?

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
0
Matthew
Top achievements
Rank 1
answered on 15 Dec 2017, 03:47 PM
We are using the composer to send the GET request. The only difference between it working and not working is the presence of DES ciphers in the web server virtual host configuration. If they are in the cipher suite list then it works and if I remove 1 or more of them it no longer works.
0
Alexander
Telerik team
answered on 03 Jan 2018, 10:15 AM
Hi,

Please, excuse us for the delay in our answer.

Would it be possible that you try running Fiddler on different machine and check if the problem persists? It may be machine-specific problem and by doing that we will eliminate this option.

Normally, Fiddler does not need DES option in order to work, so in this case the problem may be elsewhere, this is just triggering it. Is the problem reproducible with sample server or is it with your web server? If it is reproducible, would it be possible to provide us with the sample server so we could proceed with debugging it? Rather unfortunately, this seems to be the only way of finding the cause of this problem.

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Tags
Windows
Asked by
Matthew
Top achievements
Rank 1
Answers by
Alexander
Telerik team
Matthew
Top achievements
Rank 1
Share this question
or