Telerik Forums / Fiddler
This is a migrated thread and some comments may be shown as answers.

Redirecting HTTPS tunnel issues wrong certificate to the client

3 Answers 398 Views
Windows
This is a migrated thread and some comments may be shown as answers.
Gavin
Top achievements
Rank 1
Gavin asked on 03 Jun 2018, 10:03 PM

I configured fiddler to redirect all https traffic destined to oldURL.com to newURL.com, using the below fiddlerscript sample from the Telerik Fiddler documentation.

This has been working fine for several months. Today I attempted to execute the same monthly process, but this time it failed.
After some investigation I noticed that fiddler is returning a certificate with the wrong CN
A quick test in Chrome shows that when browsing to https://oldURL.com, fiddler returns a certificate with a subject of CN=newURL.com

This causes the handshake to fail with my application, and the montly process to abort.

I can only assume that this issue crept in when I updated Fiddler last month to: v5.0.20181.14850 for .NET 4.6.1


I have now worked around this by also adding oSession["X-OverrideCertCN"] = "oldURL.com";

What is the correct way to redirect HTTPS request & Tunnel, whilst still providing a correctly named certificate to the client application?

 

https://docs.telerik.com/fiddler/KnowledgeBase/FiddlerScript/ModifyRequestOrResponse

<p>
 //Point all requests for one server to a different server, including HTTPS tunnels<br>
// Redirect traffic, including HTTPS tunnels
</p>
<p>
if (oSession.HTTPMethodIs("CONNECT") && (oSession.PathAndQuery == "www.example.com:443"))<br>
{ <br>
     oSession.PathAndQuery = "beta.example.com:443";<br>
}<br>
<br>
if (oSession.HostnameIs("www.example.com")) oSession.hostname = "beta.example.com";  
</p>

3 Answers, 1 is accepted

Sort by
0
Alexander
Telerik team
answered on 07 Jun 2018, 10:46 AM
Hello,

What you are experiencing now seems to be the expected and correct behavior. Using the X-OverrideCertCN flag is the proper way to fix it.

However, the original behavior (the one you observed before the update) seems to be incorrect and I want to examine it. Do you, by any chance, remember which version you updated from? If not - at least do you remember when did you update for the last time (before the v5.0.20181.14850 update, of course)?

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
0
Gavin
Top achievements
Rank 1
answered on 07 Jun 2018, 07:08 PM

I am sorry, but I do not know what version I previously had.

Is there an upgrade log file that might show what version it replaced?

0
Alexander
Telerik team
answered on 13 Jun 2018, 10:38 AM
Hi,

Rather unfortunately, there is not. One thing that we can do is to check the "Date created" of the "%LOCALAPPDATA%\Programs\Fiddler" folder. This can reduce the range of version which I should check in order to reproduce the problem.

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Tags
Windows
Asked by
Gavin
Top achievements
Rank 1
Answers by
Alexander
Telerik team
Gavin
Top achievements
Rank 1
Share this question
or