PR_CONNECT_RESET_ERROR, A call to SSPI failed, see inner exception.

1 Answer 1386 Views
Fiddler Classic
Noob Saibot
Top achievements
Rank 1
Iron
Noob Saibot asked on 06 Nov 2022, 04:16 PM

I couldn't solve this one by myself even after googling and reading dozens of related threads on Fiddler's forum, feedback, google group, etc.

Problem: About 5% of the sites i visit doesn't work while Fiddler is active with Decrypt HTTP Traffic on.

For example, these 2 sites doesn't work for me.

https://blueproject.ro/systracer
https://learn.microsoft.com/

My OS: Windows 7 x64 SP1

Here's what I've tried so far

  • Tried Firefox, Chrome, Opera (All latest)
  • Tried uninstalling & reinstalling Fiddler
  • Tried "Reset All Certificates" and trusting again multiple times.
  • Also tried manually removing all DO_NOT_Trust certificates by using mmc.exe. I've realized that Fiddler's "Reset All Certificates" doesn't remove all Fiddler certificates in "Intermediate Certification Authorities". But it didn't fix the problem.
  • Tried all possible combination of <client>;ssl3;tls1.0;tls1.1;tls1.2

Here's the fiddler log when i open exactly this https://blueproject.ro/systracer URL in Firefox

-= Progress Telerik Fiddler Classic Event Log =-

See http://fiddler2.com/r/?FiddlerLog for details.

23:21:05:8975 Progress Telerik Fiddler Classic Running...
23:21:11:7744 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:11:7744 Assembly 'C:\Users\User\AppData\Local\Programs\Fiddler\CertMaker.dll' was not found. Using default Certificate Generator.
23:21:11:7783 /Fiddler.CertMaker> Using .‰+˜ for certificate generation; UseWildcards=True.
23:21:12:0537 fiddler.network.https> HTTPS handshake to blueproject.ro (for #1) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:12:3154 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:12:5791 fiddler.network.https> HTTPS handshake to blueproject.ro (for #2) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:12:8467 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:13:1162 fiddler.network.https> HTTPS handshake to blueproject.ro (for #3) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:13:3994 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:13:6807 fiddler.network.https> HTTPS handshake to blueproject.ro (for #4) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:13:9541 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:14:2256 fiddler.network.https> HTTPS handshake to blueproject.ro (for #5) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:14:4912 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:14:7568 fiddler.network.https> HTTPS handshake to blueproject.ro (for #6) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:15:0225 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:15:2861 fiddler.network.https> HTTPS handshake to blueproject.ro (for #7) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:15:5576 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:15:8271 fiddler.network.https> HTTPS handshake to blueproject.ro (for #8) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:16:0947 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:16:3584 fiddler.network.https> HTTPS handshake to blueproject.ro (for #9) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
23:21:16:6240 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
23:21:16:8896 fiddler.network.https> HTTPS handshake to blueproject.ro (for #10) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326

First tunnel copied from TextView

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
Random: F5 E2 DA F9 57 52 AE 1C 7B C8 D7 1E 76 A1 22 ED 18 60 8C CB 8A 0F 4F 22 CA D2 7F D0 A1 BF 0C C2
"Time": 11/2/2102 8:48:53 AM
SessionID: 4F 31 0B 04 5B AD 5B 77 F2 BA 91 AF 25 C6 E8 D5 ED 4D D9 A4 2E 3D 8C AE 78 4A C9 99 3A F9 05 C7
Extensions: 
	server_name	blueproject.ro
	extended_master_secret	empty
	renegotiation_info	00
	supported_groups	x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19], ffdhe2048 [0x0100], ffdhe3072 [0x0101]
	ec_point_formats	uncompressed [0x0]
	SessionTicket	empty
	ALPN		h2, http/1.1
	status_request	OCSP - Implicit Responder
	0x0022		00 08 04 03 05 03 06 03 02 03
	key_share	00 69 00 1D 00 20 7B 47 E1 A6 18 97 36 A3 6C 5C EB 5F 37 66 21 17 E3 FA CB 50 5C C1 11 A7 07 54 69 91 27 E6 83 5F 00 17 00 41 04 59 C3 79 25 5C 1C 95 23 31 0D 1F 97 8B C8 5B AB 0F 3C 0D 41 15 0B 6F 1A 7C E2 91 4F 2E 28 51 A3 D4 02 DA 8B 8E D0 58 18 AE CF 14 02 AE E2 F4 C0 5C 43 55 34 11 8A F6 7B 97 F5 B3 F8 78 B0 18 09
	supported_versions	Tls1.3, Tls1.2
	signature_algs	ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha1, rsa_pkcs1_sha1
	psk_key_exchange_modes	01 01
	0x001c		40 01
	padding		136 null bytes
Ciphers: 
	[1301]	TLS_AES_128_GCM_SHA256
	[1303]	TLS_CHACHA20_POLY1305_SHA256
	[1302]	TLS_AES_256_GCM_SHA384
	[C02B]	TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
	[C02F]	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	[CCA9]	TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
	[CCA8]	TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
	[C02C]	TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
	[C030]	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	[C00A]	TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
	[C009]	TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
	[C013]	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	[C014]	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	[009C]	TLS_RSA_WITH_AES_128_GCM_SHA256
	[009D]	TLS_RSA_WITH_AES_256_GCM_SHA384
	[002F]	TLS_RSA_WITH_AES_128_CBC_SHA
	[0035]	TLS_RSA_WITH_AES_256_CBC_SHA

Compression: 
	[00]	NO_COMPRESSION

If i press "Follow TCP stream" on Client Hello in Wireshark. Are these sites thinking i entered HTTP link or something?

...........cg....Tc....~.......o....@h....3..4.(.'.........9.3.....=.<.5./.,.+.$.#.



. .j.@.8.2.

.....H.........blueproject.ro.

...............

.....................................(<html><head><title>400 Bad Request</title></head><body>

<h2>HTTPS is required</h2>

<p>This is an SSL protected page, please use the HTTPS scheme instead of the plain HTTP scheme to access this URL.<br />

<blockquote>Hint: The URL should starts with <b>https</b>://</blockquote> </p>

<hr />

Powered By LiteSpeed Web Server<br />

<a href='http://www.litespeedtech.com'><i>http://www.litespeedtech.com</i></a>

</body></html>
Handshake Faliure from Wireshark
Transport Layer Security
    TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Handshake Failure)
        Content Type: Alert (21)
        Version: TLS 1.2 (0x0303)
        Length: 2
        Alert Message
            Level: Fatal (2)
            Description: Handshake Failure (40)

Tried alternative HTTPS decrypters and they worked fine on the 2 examples above.

I wonder what's going on?

Thank you

1 Answer, 1 is accepted

Sort by
1
Accepted
Nick Iliev
Telerik team
answered on 06 Nov 2022, 07:39 PM

Hello Shang,

 

Try to replace the default CA creation tool in Fiddler Classic with Bouncy Castle CertMaker (available for download here: https://www.telerik.com/fiddler/add-ons ). More information about the different certificate generators can be found here: https://www.telerik.com/blogs/understanding-fiddler-certificate-generators 

As a side note, I've tried the sample URLs with Fiddler Everywhere (which uses Bouncy Castle by default), and the decryption is working as expected.

 

Regards,
Nick Iliev
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

Noob Saibot
Top achievements
Rank 1
Iron
commented on 07 Nov 2022, 06:54 AM

Hi, Nick.

Just tried Bouncy Castle CertMaker and the issue still persists. I was already using it before resetting my Fiddler anyway, albeit older version.

I am going to try CertEnroll in the meantime.

Same Handshake Failure on both example site.

-= Progress Telerik Fiddler Classic Event Log =-
See http://fiddler2.com/r/?FiddlerLog for details.

14:29:20:7172 Progress Telerik Fiddler Classic Running...
14:29:24:4193 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:29:24:4232 Fiddler ICertificateProvider v4.5.0.3 loaded.
	fiddler.certmaker.bc.Debug:	False
	ObjectID:			0x226dcf

Win32 (SChannel) Native Error Code: 0x80090326
14:35:24:5931 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:24:6537 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #1) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:24:7181 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:24:7806 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #2) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:24:8451 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:24:9076 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #3) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:24:9720 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:25:0365 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #4) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:25:0951 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:25:1537 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #5) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:25:2142 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:25:2728 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #6) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:25:3412 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:25:4076 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #7) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:25:4740 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:25:5384 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #8) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:25:6029 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:25:6673 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #9) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:35:25:7318 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:35:25:7943 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #10) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:41:9857 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:42:2816 fiddler.network.https> HTTPS handshake to blueproject.ro (for #18) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:42:5463 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:42:8099 fiddler.network.https> HTTPS handshake to blueproject.ro (for #19) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:43:0892 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:43:3666 fiddler.network.https> HTTPS handshake to blueproject.ro (for #20) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:43:6332 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:43:8978 fiddler.network.https> HTTPS handshake to blueproject.ro (for #21) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:44:1683 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:44:4379 fiddler.network.https> HTTPS handshake to blueproject.ro (for #22) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:44:7064 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:44:9750 fiddler.network.https> HTTPS handshake to blueproject.ro (for #23) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:45:2386 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:45:5004 fiddler.network.https> HTTPS handshake to blueproject.ro (for #24) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:45:7699 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:46:0375 fiddler.network.https> HTTPS handshake to blueproject.ro (for #25) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:46:3187 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:46:5980 fiddler.network.https> HTTPS handshake to blueproject.ro (for #26) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:36:46:8636 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:36:47:1293 fiddler.network.https> HTTPS handshake to blueproject.ro (for #27) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
14:40:01:2679 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:40:02:4125 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:40:04:6341 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:40:05:8861 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:40:07:2259 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:40:07:3841 !SecureClientPipeDirect failed: System.IO.IOException Unable to read data from the transport connection: An established connection was aborted by the software in your host machine. < An established connection was aborted by the software in your host machine for pipe (CN=d3ba5g9yhie26y.cloudfront.net, O=DO_NOT_TRUST_BC, OU=Created by http://www.fiddler2.com)
14:40:08:3920 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
14:42:05:7572 Saved Event Log to Web Sessions list as Session #50 


Noob Saibot
Top achievements
Rank 1
Iron
commented on 07 Nov 2022, 07:09 AM

CertEnroll doesn't work either
-= Progress Telerik Fiddler Classic Event Log =-

15:06:13:6605 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:13:6625 /Fiddler.CertMaker> Invoking CertEnroll for Subject: CN=*.microsoft.com, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com; Thread's ApartmentState: MTA
15:06:13:6625 /Fiddler.CertMaker> Reusing PrivateKey for '*.microsoft.com'
15:06:13:6996 /Fiddler.CertMaker> Finished CertEnroll for 'CN=*.microsoft.com, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com'. Returning cert
15:06:13:7582 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #1) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:13:8187 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:13:8793 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #2) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:13:9379 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:13:9965 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #3) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:14:0570 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:14:1156 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #4) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:14:1761 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:14:2347 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #5) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:14:2953 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:14:3539 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #6) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:14:4164 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:14:4769 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #7) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:14:5375 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:14:5980 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #8) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:14:6586 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:14:7191 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #9) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326
15:06:14:7797 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
15:06:14:8402 fiddler.network.https> HTTPS handshake to learn.microsoft.com (for #10) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

Win32 (SChannel) Native Error Code: 0x80090326

Nick Iliev
Telerik team
commented on 09 Nov 2022, 07:23 AM

Most likely, the issue is related to the limited support of the newer version of TLS in Windows 7. Some updates can be used to enable TLS 1.2 (https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392 ), but overall the OS is out of support for a few years now, and I am not sure that will solve the problem.
Eric
Top achievements
Rank 1
commented on 10 Nov 2022, 06:14 PM

Nick's answer is the correct one: You can see on SSLLabs.com the ciphers the servers in question offer, and for TLS/1.2, it's a short list (3 ciphers) which does not intersect with the cipher list of the Windows 7 version you're using (see the "IE11/Windows 7: Handshake failure" notice on the page). 

So, unfortunately to fix this you'll need to run Fiddler on a later version of Windows.

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   ECDH secp256r1 (eq. 3072 bits RSA)   FS256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)   ECDH secp256r1 (eq. 3072 bits RSA)   FS128
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)   ECDH secp256r1 (eq. 3072 bits RSA)   FS

 

Tags
Fiddler Classic
Asked by
Noob Saibot
Top achievements
Rank 1
Iron
Answers by
Nick Iliev
Telerik team
Share this question
or