Ubuntu firefox: secure connection failed

1 Answer 506 Views
Linux
Lorraine
Top achievements
Rank 1
Lorraine asked on 15 Mar 2023, 09:03 AM | edited on 15 Mar 2023, 09:04 AM

I'm trying to use fiddler v4.4.8.4 in my ubuntu 14.04 virtual machine to capture https connections, and I get "secure connection failed". Of course, when I close fiddler or don't check cature https connects, firefox works well.

I've done operations below:

1. Export root certificate to desktop, update proxy settings in firefox, import and trust fiddler certificate in firefox.

2. In firefox about:config, set:

  • security.tls.version.max=3
  • security.ssl.enable_ocsp_stapling=false

3. I've used openssl to recreate a crt ver. certificate, added it into /usr/share/ca-certificates/mozilla, and reconfigured it.

Does anybody know how to solve this problem?

1 Answer, 1 is accepted

Sort by
0
Nick Iliev
Telerik team
answered on 16 Mar 2023, 07:33 AM

Hello Lorraine Xu,

 

Version 4.4.8.4 of Fiddler Classic is approximately ten years old and is considered obsolete (the same goes for Ubuntu 14.04). That said, the secure connection failed error message indicates that there is probably an issue with the TLS version and/or the cipher suites used to complete the TLS handshake. It could be due to a mismatch between the used TLS version (client, proxy, and server).  The proxy might be negotiating a lower TLS version that is no longer supported by the server (like SSL 3.0, TLS 1.0, or TLS 1.1, which are all deprecated now). For example, some earlier versions of Fiddler (probably including 4.4.8.4) were not using TLS 1.2 by default (see why here https://www.telerik.com/blogs/fiddler-and-modern-tls-versions ). You could try to set Fiddler to use TLS 1.2 explicitly through the QuickExec (given that it was present in the 2014 version of the product)


prefs set fiddler.network.https.SupportedServerProtocolVersions ssl3;tls1.0;tls1.1;tls1.2
 
// You must restart Fiddler for this change to take effect.

In any way, if possible, you should think of testing your scenario with newer versions of both Fiddler and OS.

 

Regards,
Nick Iliev
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

Lorraine
Top achievements
Rank 1
commented on 16 Mar 2023, 11:49 AM

You're right, they're obsolete. Now I'm using ubuntu 18.04 and fiddler v4.6, and this time I can capture HTTPS connections.

Tags
Linux
Asked by
Lorraine
Top achievements
Rank 1
Answers by
Nick Iliev
Telerik team
Share this question
or