Is there a way to get to the original CERTIFICATE REQUEST made as part of a SERVER HELLO?

0 Answers 60 Views
Fiddler Classic
Kevin
Top achievements
Rank 1
Kevin asked on 23 Nov 2022, 06:48 PM

In the CONNECT response frame, we have the "Client Certificate" so we know there was a CERTIFICATE REQUEST made by the server as part of its SERVER HELLO response. What I would like to know is what DN(s)/CN(s) the server sent down with the CERTIFICATE REQUEST. I have not been able to find any references to pull this out of the SERVER HELLO response.

  
Lini
Telerik team
commented on 25 Nov 2022, 03:48 PM

Fiddler Everywhere shows the CONNECT request for each secure connection it makes to a server. If you open the request in the session inspectors, the body of the request/response will contain all relevant information about the TLS handshake - request body shows client hello and server body shows server hello. In the server hello details you can find the [Subject] section with all Distinguished Name values (CN/O/L/S/C). Any extensions the server supports, like Subject Alternative Name, should also be listed further down in the response body inspector of the CONNECT session

No answers yet. Maybe you can help?

Tags
Fiddler Classic
Asked by
Kevin
Top achievements
Rank 1
Share this question
or