I am testing against an HTTPS intranet server that Fiddler is unable to proxy to. I set the Protocols to <client>;tls1.2 and that did not work. I changed back to tls 1.0.
I restarted Fiddler with this as the Protocols list:
<client>;tls1.0
Wireshark shows Fiddler is still sending a Client Hello with TLS 1.2!
Please add additional logging / troubleshooting.
Current log:
14:23:17:3284 Assembly 'C:\Users\xxxx\AppData\Local\Programs\Fiddler\CertMaker.dll' was not found. Using default Certificate Generator.
14:23:17:3349 /Fiddler.CertMaker> Using .+ for certificate generation; UseWildcards=True.
more woes with this. Try doing a GET by entering this in the browser ( I was using Edge on Windows 10 here)
https://login.microsoftonline.com/sdfdsfdsf
This will return a 404 NOT FOUND if Fiddler is not enabled.
It will block and eventually return a Proxy error if you enable Fiddler - regardless of what is in the Protocols list, and even if I whitelist the domain in"skip decryption"
If you use <client>;tls1.0, this means that Fiddler will use whatever protocols your client offers, as well as TLS/1.0. In the event that there is no client (e.g. you're using the Composer), only TLS/1.0 should be offered: https://www.telerik.com/blogs/fiddler-and-modern-tls-versions
I changed from to
<client>; ssl3;tls1.1
ssl3;tls1.0
And now it WORKS.
In this configuration Fidder is sending a Client Hello
Version TLS 1.0 (ox0301)
Handshake Protocol: Client Hello
Version TLS 1.2 (ox0303)
This works.
Please add logging so it shows what exactly Fiddler is sending on the handshake. Evidently the user input for the HTTPS Protocols is a bit buggy / finicky.
Please document what <client> does as well.