Some HTTPS sites are unaccessible when using Fiddler

4 Answers 5633 Views
Windows
Kurt
Top achievements
Rank 1
Kurt asked on 25 Jul 2014, 12:09 AM
Hi,

I reviewed prior posts and I see that this question has been asked before but either I don't fully understand the solution or my problem is slightly different.  I am attempting to user Fiddler with SSL decryption enabled to visit a site that we use for a vendor product (which is based in Flash).   I am able to access alot of other HTTPs sites (such as Google, Paypal, etc.) and view the resulting traffic, but I cannot access this particular site that I need.

I installed Fiddler today so I have the newest copy.

I see the following log entry when I try to access the site:

16:48:19:9974 fiddler.network.https> HTTPS handshake to <> failed. System.IO.IOException Received an unexpected EOF or 0 bytes from the transport stream.

The SSL certificate is in the trusted root store.    When I attempt to visit the site, I am prompted to accept the untrusted certificate and then IE attempts to load the page for quite some time and never gets through.   I also tried in Chrome just to make sure this wasn't a browser-specfic problem.

I think I am very close and just need a little help to get through.   Please let me know any information I can provide to get to the bottom of this.  Thank you in advance. 
Kurt
Top achievements
Rank 1
commented on 25 Jul 2014, 12:11 AM

Also, I did some research and tried this solution but I receive the same error even after applying the rules, restarting my browser(s), and restarting Fiddler.

Thanks again.
Kurt
Top achievements
Rank 1
commented on 25 Jul 2014, 12:12 AM

Didn't mean to post 3 times... here is the solution I was referencing in the above post:

http://blogs.msdn.com/b/ieinternals/archive/2009/12/08/aes-is-not-a-valid-cipher-for-sslv3.aspx

I don't see an edit post option in these forums--my apologies.

4 Answers, 1 is accepted

Sort by
1
Fabio
Top achievements
Rank 1
answered on 15 Nov 2016, 10:32 AM

I was seeing the following exception:

System.Security.SecurityException Failed to negotiate HTTPS connection with server.fiddler.network.https. HTTPS handshake to api.etadirect.com (for #9) failed. System.IO.IOException Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. An existing connection was forcibly closed by the remote host

 

I was able to fix it by enabling the TLS1.2 protocol which is not enabled by default for outgoing connections (Tools / Fiddler Options.. / HTTPS / click on protocols list)

Jason
Top achievements
Rank 1
commented on 26 Jan 2017, 10:47 PM

Thanks Fabio, this fixed the issue for me.
Reg
Top achievements
Rank 1
Iron
commented on 14 Apr 2018, 08:31 AM

...adding the protocols fixed it for me as well.  Eric - Fiddler is a superb product and it has saved my sorry backside on countless occasions. Hope it provides you with an excellent pension when you retire, because you deserve it.
Jochen Wezel
Top achievements
Rank 1
commented on 31 Dec 2018, 04:14 PM

Since more and more websites enforce you to use tls 1.2 (and don't support tls 1.0 any more), I suggest that the list of protocols is automatically extended with tls1.2 by a next fiddler update - or at least there should be a single-time question box with Yes-No-Cancel to extend it.
Alexander
Telerik team
commented on 02 Jan 2019, 05:48 AM

Hello Jochen,

That's a valid idea. Would you mind adding it to our feedback portal?

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Anton Swanevelder
Top achievements
Rank 2
commented on 10 Jul 2019, 10:53 AM

I have been using Fiddler since Silverlight days, but today uninstalled it in favor of Postman, really don't have time to struggle with such trivial configuration issues.
Eric R | Senior Technical Support Engineer
Telerik team
commented on 10 Jul 2019, 02:07 PM

Hi Anton,

Your feedback is very appreciated and it is definitely unfortunate to hear that you have switched to an alternative product.

I wanted to mention that a resolution for this is currently being reviewed for implementation at the Enable tls 1.2 by Default feature request and I have increased the priority for you. I also recommend that you cast your vote and follow it to receive future updates.

Thank you for being a long-time Fiddler user and I hope that you will come back to Fiddler soon.

Regards,

Eric R
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Namrata
Top achievements
Rank 1
commented on 09 Apr 2020, 08:27 AM

Hi Fabio

I have downloaded Fiddler for Linux ( https://www.telerik.com/download/fiddler-everywhere )

But it don't have such options. 

I am not able to open few sites like  https://www.zillow.com/

Error:

An error occurred during a connection to www.zillow.com. PR_END_OF_FILE_ERROR
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.

 

Help will be appreciated.

Thanks and Regards,

Namrata

Eric R | Senior Technical Support Engineer
Telerik team
commented on 10 Apr 2020, 01:42 PM

Hi Namrata,

Thank you for providing this error. Note that this is the section related to the Fiddler desktop version which is only available on Windows machines. Since the issue is related to Fiddler Everywhere on Linux, it may not get a response. In order to get a more accurate response, I have created a public Bug Report for your issue and I recommend posting in the Fiddler Everywhere section of the forum as noted in the below screenshot. 

As a token of gratitude for your feedback I have increased the priority of the bug report by casting a vote on your behalf and encourage following the item to receive future updates.

Please let me know if you need any additional information. Thank you.

Regards,


Eric R | Senior Technical Support Engineer
Progress Telerik

Progress is here for your business, like always. Read more about the measures we are taking to ensure business continuity and help fight the COVID-19 pandemic.
Our thoughts here at Progress are with those affected by the outbreak.
0
Eric Lawrence
Telerik team
answered on 25 Jul 2014, 12:06 PM
Hello, if you see any message about an Untrusted Certificate, the system's configuration is not correct. Try disabling HTTPS decryption in Fiddler Options, and click "Remove Interception Certificate." Then, reenable Decryption and accept all prompts to trust the certificate. Then load a site and see if there are any error messages in the browser.

Regards,
Eric Lawrence
Telerik
 

Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

 
Kurt
Top achievements
Rank 1
commented on 25 Jul 2014, 04:36 PM

Hi Eric,

Thanks for responding so quickly!   I should have been more clear.  If I remove the cert from the Trusted Store (just for testing), I receive the SSL certificate untrusted and have to manually accept the cert.   When the Fiddler cert is in the Trusted Store, I cannot load this particular site.  Paypal/Gmail/etc. still work over HTTPS and if I look at the cert, it says that FIDDLER_DO_NOT_TRUST verified the identify of this site as Paypal (for example).

I'll try what you suggested, but I did this yesterday after reading some other posts and came to the same result.

What else might we try?  Thanks so much!
Kurt
Top achievements
Rank 1
commented on 25 Jul 2014, 09:54 PM

Got it working!  It only works when running IE as a non-administrator account.  I also can only access this particular tool via IP address as opposed to FQDN.  Thanks so much.  Great product.
0
Eric Lawrence
Telerik team
answered on 27 Jul 2014, 01:17 PM
Hello, Kurt--

By default, Fiddler only installs its Trusted Root certificate in the running-user's account; this means that a different user (e.g. an Administrator) will not trust that root certificate. 

You can configure the root certificate to be trusted Machine wide by running MMC.exe, selecting Certificates, choosing "Local Computer" and choosing to import Fiddler's root .cer (which you can export to your desktop inside Fiddler's Tools > Options > HTTPS) to the machine's Trusted store.

Regards,
Eric Lawrence
Telerik
 

Check out the Telerik Platform - the only platform that combines a rich set of UI tools with powerful cloud services to develop web, hybrid and native mobile apps.

 
Jorge
Top achievements
Rank 1
commented on 06 Apr 2015, 09:35 PM

Hi,

I am getting the same error message when trying to access a website using Fiddler v2.5.0.0 and the latest versions of Chrome and Firefox.

I tried the solution posted by Kurt and the workaround Eric suggested, but none of these worked. The funny thing is that I was using Fiddler against this very same site until a few days back, and it started failing today.

Please, check the captured dialog below for details. Thanks!
 

CONNECT [SERVER NAME]:443 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
Connection: keep-alive
Connection: keep-alive
Host: [SERVER NAME]:443

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.1 (TLS/1.0)
Random: DD 2F 64 36 55 5B 79 02 5F 5F 0D 9B 90 71 F0 76 0A 3A D0 46 40 72 4F B3 CD 73 49 A1 C2 5C 79 C3
"Time": 01/12/1998 03:05:17 p.m.
SessionID: 1E 06 00 00 2A 42 2A C3 66 D9 D3 5E 48 5D DF 7F 39 27 3D 55 A8 7A 3D A6 73 46 45 45 B6 10 30 11
Extensions: 
server_name [SERVER NAME]
renegotiation_info 00
elliptic_curves secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
ec_point_formats uncompressed [0x0]
SessionTicket empty
NextProtocolNego empty
ALPN h2-16, h2-15, h2-14, h2, spdy/3.1, http/1.1
status_request OCSP - Implicit Responder
Ciphers: 
[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[C00A] TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[C009] TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[C013] TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
[C014] TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
[0033] TLS_DHE_RSA_WITH_AES_128_SHA
[0039] TLS_DHE_RSA_WITH_AES_256_SHA
[002F] TLS_RSA_AES_128_SHA
[0035] TLS_RSA_AES_256_SHA
[000A] SSL_RSA_WITH_3DES_EDE_SHA

Compression: 
[00] NO_COMPRESSION

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 18:23:49.480
Connection: close

fiddler.network.https> HTTPS handshake to [SERVER NAME] failed. System.IO.IOException Received an unexpected EOF or 0 bytes from the transport stream.

Jorge
Top achievements
Rank 1
commented on 06 Apr 2015, 10:05 PM

The above request was made in Windows 8.1 using Fiddler2. With Fiddler4, the error message is a bit different:

 

HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 19:03:33.858
Connection: close

fiddler.network.https> HTTPS handshake to [SERVER NAME] failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted


Eric Lawrence
Telerik team
commented on 07 Apr 2015, 02:25 PM

Hi, Jorge--

Unless you can share the actual server name and/or a SAZ or PCAPNG capture, it's unlikely that anyone will be able to help you. The message below suggests that the target is not returning a properly-formed HTTPS response.

Regards,
Eric Lawrence
Telerik
 

See What's Next in App Development. Register for TelerikNEXT.

 
Nisha
Top achievements
Rank 1
commented on 08 Sep 2016, 03:03 PM

I still see an error  HTTPS handshake to <> failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted

 

I tried all the above options but still the same error. Help will be appreciated.

will
Top achievements
Rank 1
commented on 14 Sep 2016, 12:12 PM

[quote]I still see an error  HTTPS handshake to <> failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The message received was unexpected or badly formatted[/quote]

I am seeing the same error.

0
Kevin
Top achievements
Rank 1
answered on 08 May 2015, 03:11 PM

I highly suspect that HTTP2 is used here, at least that's the last readable handshake information:

ALPN h2-16, h2-15, h2-14, h2, spdy/3.1, http/1.1

 

Eric Lawrence
Telerik team
commented on 08 May 2015, 03:30 PM

Hello, Kevin--

HTTP2 isn't used through Fiddler when HTTPS decryption is on. All clients will fall back to HTTP/1.1 when HTTP2 isn't available.


Regards,
Eric Lawrence
Telerik
 

See What's Next in App Development. Register for TelerikNEXT.

 
Tags
Windows
Asked by
Kurt
Top achievements
Rank 1
Answers by
Fabio
Top achievements
Rank 1
Eric Lawrence
Telerik team
Kevin
Top achievements
Rank 1
Share this question
or