Progress® Telerik® Fiddlerâ„¢ Classic Feedback Portal
Back to Feed
Request a Feature Report a Bug
Under Review
Last Updated: 17 Jun 2016 05:00 by Eric
Kevin
Created on: 26 Apr 2016 04:59
Type: Feature Request
5
TLS handshake inspection
To my knowledge, a Fiddler extension has no means of getting the raw TLS handshake data.

This would be extremely useful for some extensions I develop. Two use cases are, first, getting the TLS extensions. The primary motivation for this is to extract SCTs from the signed_certificate_timestamp extension. But I am sure there are other cases where I'll need more.

The second being getting the certificate in the case of a blind tunnel when HTTPS interception is disabled, then the certificate chain could still be obtained from the ServerHello.
2 comments
Eric
Posted on: 17 Jun 2016 05:00 
Today, Fiddler has some of this data (it uses a stream wrapper to eat TLS "SNI Name Mismatch" Warnings to avoid a bug in .NET; I'd considered generalizing this to expose some other interesting data (specifically, the size of the ServerHello and the number of certificates in the chain supplied) but never got around to it.
Kevin
Posted on: 26 Apr 2016 05:00 
To be clear, I not asking for a GUI around this or anything fancy, just a byte[] of ClientHello, ServerHello, etc. on Session.
Create an account Log In
View
Type
Status