Telerik Forums / Fiddler
This is a migrated thread and some comments may be shown as answers.

SSL handshake error -- no "common algorithm"

0 Answers 521 Views
Fiddler Classic
This is a migrated thread and some comments may be shown as answers.
a
Top achievements
Rank 1
a asked on 27 Jul 2016, 07:41 PM

I am using Fiddler4 to debug a login to the following website: pge.com

When I am using Firefox as my browser, then after entering a login, I get an error in the HTTPS tunnelling.  It shows a red exclamation mark icon, and it says:

fiddler.network.https> HTTPS handshake to apim.pge.com (for #88) failed. System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < The client and server cannot communicate, because they do not possess a common algorithm
 
HTTPS handshake returned error SEC_E_ALGORITHM_MISMATCH.
Fiddler's Enabled HTTPS Protocols: [Default] are controlled inside Tools > Fiddler Options > HTTPS.

The error occurs multiple times as the connection gets retried.  The combination of Firefox and Fiddler cannot seem to move past this error.

However, when using Firefox without Fiddler, the login to the site works fine.  Also, when using Internet Explorer (instead of Firefox) with Fiddler, the handshake actually passes: I see the tunneling error happen once, and then another tunneling session occurs that's successful, which says:

Encrypted HTTPS traffic flows through this CONNECT tunnel. HTTPS Decryption is enabled in Fiddler, so decrypted sessions running in this tunnel will be shown in the Web Sessions list.
 
Secure Protocol: Tls
Cipher: Aes128 128bits
Hash Algorithm: Sha1 160bits
Key Exchange: RsaKeyX 2048bits
 
== Server Certificate ==========
[Subject]
  CN=apim.pge.com, O=Pacific Gas and Electric Company, L=San Francisco, S=California, C=US
 
[Issuer]
  CN=Entrust Certification Authority - L1K, OU="(c) 2012 Entrust, Inc. - for authorized use only", OU=See www.entrust.net/legal-terms, O="Entrust, Inc.", C=US
 
[Serial Number]
  676808CF0000000050D6B16E
 
[Not Before]
  1/15/2016 02:18:37 PM
 
[Not After]
  1/14/2019 02:48:36 PM
 
[Thumbprint]
  923913D8074596491D1117566C7CE78BA1143999
 
[SubjectAltNames]
apim.pge.com

 

You can reproduce these handshake errors by trying any login, even a bogus login (e.g. username="a", password="a").

Why does this handshake only fail using Firefox with Fiddler?  Why does it pass when Firefox is used without Fiddler, and why is Internet Explorer with Fiddler able to move past the error and do a successful handshake whereas Firefox with Fiddler is not able to?

Thanks.

No answers yet. Maybe you can help?

Tags
Fiddler Classic
Asked by
a
Top achievements
Rank 1
Share this question
or