Redirecting HTTPS tunnel issues wrong certificate to the client

4 posts, 0 answers
  1. Gavin
    Gavin avatar
    2 posts
    Member since:
    Jun 2018

    Posted 03 Jun Link to this post

    I configured fiddler to redirect all https traffic destined to oldURL.com to newURL.com, using the below fiddlerscript sample from the Telerik Fiddler documentation.

    This has been working fine for several months. Today I attempted to execute the same monthly process, but this time it failed.
    After some investigation I noticed that fiddler is returning a certificate with the wrong CN
    A quick test in Chrome shows that when browsing to https://oldURL.com, fiddler returns a certificate with a subject of CN=newURL.com

    This causes the handshake to fail with my application, and the montly process to abort.

    I can only assume that this issue crept in when I updated Fiddler last month to: v5.0.20181.14850 for .NET 4.6.1


    I have now worked around this by also adding oSession["X-OverrideCertCN"] = "oldURL.com";

    What is the correct way to redirect HTTPS request & Tunnel, whilst still providing a correctly named certificate to the client application?

     

    https://docs.telerik.com/fiddler/KnowledgeBase/FiddlerScript/ModifyRequestOrResponse

    <p>
     //Point all requests for one server to a different server, including HTTPS tunnels<br>
    // Redirect traffic, including HTTPS tunnels
    </p>
    <p>
    if (oSession.HTTPMethodIs("CONNECT") && (oSession.PathAndQuery == "www.example.com:443"))<br>
    { <br>
         oSession.PathAndQuery = "beta.example.com:443";<br>
    }<br>
    <br>
    if (oSession.HostnameIs("www.example.com")) oSession.hostname = "beta.example.com";  
    </p>
  2. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 07 Jun Link to this post

    Hello,

    What you are experiencing now seems to be the expected and correct behavior. Using the X-OverrideCertCN flag is the proper way to fix it.

    However, the original behavior (the one you observed before the update) seems to be incorrect and I want to examine it. Do you, by any chance, remember which version you updated from? If not - at least do you remember when did you update for the last time (before the v5.0.20181.14850 update, of course)?

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  3. Gavin
    Gavin avatar
    2 posts
    Member since:
    Jun 2018

    Posted 07 Jun in reply to Alexander Link to this post

    I am sorry, but I do not know what version I previously had.

    Is there an upgrade log file that might show what version it replaced?

  4. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 13 Jun Link to this post

    Hi,

    Rather unfortunately, there is not. One thing that we can do is to check the "Date created" of the "%LOCALAPPDATA%\Programs\Fiddler" folder. This can reduce the range of version which I should check in order to reproduce the problem.

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Back to Top