Hello,
I use Fiddler and when checking the log file, I frequently notice errors such as this one...
fiddler.network.https> HTTPS handshake to www.google.com (for #94) failed. System.IO.IOException Authentication failed because the remote party has closed the transport stream.
Some websites do not load at all because of this type of error.
I spent quite some time to figure out the problem, but could not find it. Any idea, what could be the issue?
I run Fiddler on a second computer too, and it works fine. No error at all! On both computers I run MS Windows 7 with .NET 4.7, same setup for Fiddler as well.
My 'protocols' field looks like this:
<client>;ssl3;tls1.0;tls1.1;tls1.2
Below you can find the request and receive headers when encountering the error.
Thank you,
Alex
REQUEST HEADERS
=============================================================================================================
CONNECT www.google.com:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0
Connection: keep-alive
Connection: keep-alive
Host: www.google.com:443
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Version: 3.3 (TLS/1.2)
Random: 69 24 11 FA 3D EF F1 7E A9 5F 92 78 37 68 B5 47 1B 61 46 CC BF 2B 8A 0C 45 87 0B A1 E7 8E 28 BD
"Time": 12/13/2102 6:30:33 AM
SessionID: BA 39 00 00 F7 22 04 DA 06 DA B4 86 08 B1 1E 3E C5 D5 D3 FE A2 0F 05 D0 AB ED CE 00 62 24 64 32
Extensions:
server_name www.google.com
extended_master_secret empty
renegotiation_info 00
elliptic_curves unknown [0x1D), secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19], unknown [0x100), unknown [0x101)
ec_point_formats uncompressed [0x0]
SessionTicket empty
ALPN h2, http/1.1
status_request OCSP - Implicit Responder
0x0033 00 69 00 1D 00 20 51 60 24 D5 6D 46 9A 3F 8B 13 FA 0E 77 FD 49 16 50 92 3A DB 4B FF 4A 5E 82 8D C8 6D 23 1C D1 10 00 17 00 41 04 49 EA 05 DA 6B 5D FB F2 84 96 01 A6 26 CA 84 DB C4 3B B4 87 92 F3 55 B0 43 CE 4C 3C 1D 73 9F 9F 3E 5C 5F 28 4A EA FE 86 EB 78 BE D4 28 AE F2 0E 7B 2F 68 4B 1F 4C E3 A4 61 B8 04 84 00 4A 5A FD
0x002b 08 03 04 03 03 03 02 03 01
signature_algs sha256_ecdsa, sha384_ecdsa, sha512_ecdsa, Unknown[0x8]_Unknown[0x4], Unknown[0x8]_Unknown[0x5], Unknown[0x8]_Unknown[0x6], sha256_rsa, sha384_rsa, sha512_rsa, sha1_ecdsa, sha1_rsa
0x002d 01 01
0x001c 40 01
padding 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Ciphers:
[1301] Unrecognized cipher - See http://www.iana.org/assignments/tls-parameters/
[1303] Unrecognized cipher - See http://www.iana.org/assignments/tls-parameters/
[1302] Unrecognized cipher - See http://www.iana.org/assignments/tls-parameters/
[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[CCA9] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
[CCA8] TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
[C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
[C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
[C00A] TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[C009] TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[C013] TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
[C014] TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
[0033] TLS_DHE_RSA_WITH_AES_128_SHA
[0039] TLS_DHE_RSA_WITH_AES_256_SHA
[002F] TLS_RSA_AES_128_SHA
[0035] TLS_RSA_AES_256_SHA
[000A] SSL_RSA_WITH_3DES_EDE_SHA
Compression:
[00] NO_COMPRESSION
RESPONSE HEADERS
=============================================================================================================
HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 14:14:15.397
Connection: close
fiddler.network.https> HTTPS handshake to www.google.com (for #94) failed. System.IO.IOException Authentication failed because the remote party has closed the transport stream
4 Answers, 1 is accepted
Thanks for contacting us.
The typical explanation for this message, as documented in many places, is that the client application has not been configured to trust Fiddler's root certificate. As such, the client closes the connection to Fiddler when it sees the untrusted certificate.
http://fiddler2.com/documentation/Configure-Fiddler/Tasks/TrustFiddlerRootCert
Hope this helps.Regards,
Kammen
Progress Telerik
Rank 1
Iron
Iron
The problem is that I did trust the Fiddler root certificate, as instructed in the page you provided.
The error is not frequent, as most of the websites I connect to are intercepted and decrypted without any problem. But, for a small percent of them (it must be something like 1%, or less), I get that error.
Yesterday I spent about an hour deleting and reinstalling the SSL certificate (both from the Fiddler GUI and manually). I also tried reinstalling Fiddler (no settings previously saved, a fresh install basically), but nothing seemed to work.
At some point I will try to reinstall everything (starting with Windows), as my last resort. Like I said, I use a second computer (same configuration for Windows and Fiddler), and it works fine on all requests.
If you have any idea what else I could try, please let me know.
Thank you,
Alex
Is it possible that you are using different Fiddler Certificate Providers on each machine. You could check this from the Tools\Options menu -> HTTPS tab and there should be a 'Certificates generated by ....' label.
Regards,
Simeon
Progress Telerik
Rank 1
Iron
Iron
Anyhow, in the meantime I managed to make it work by reinstalling the OS and all the applications. It is working flawlessly now. I switched from Windows 7 to 8.1, although I am sure it would have worked with Windows 7 too.
There was probably a glitch somewhere in the system, and reinstalling everything from scratch was the key to all this. From my experience I can say that, sometimes, a solution like this is much easier and less time consuming than searching for the needle in the haystack!
Thank you for you help!
Alex