Pending Review
Last Updated: 08 Jan 2019 18:19 by Eric
Jochen Wezel
Created on: 02 Jan 2019 09:25
Type: Feature Request
6
Enable tls 1.2 by default

Since more and more websites enforce you to use tls 1.2 (and don't support tls 1.0 any more), I suggest that the list of protocols is automatically extended with tls1.2 by a next fiddler update - or at least there should be a single-time question box with Yes-No-Cancel to extend it.

Also see reference at https://www.telerik.com/forums/some-https-sites-are-unaccessible-when-using-fiddler

2 comments
Eric
Posted on: 08 Jan 2019 18:19
(Also worth noting is that Fiddler's Composer feature doesn't use TLS/1.2 when <client> is specified, and only uses whatever other versions are explicitly mentioned.)
EricLaw
Posted on: 02 Jan 2019 13:57

FWIW, by default, Fiddler includes the <client> token, which means that Fiddler will offer TLS/1.2 if the client does.

Having said that, this is probably a good change to make now that the number of sites that require TLS/1.2 probably exceeds the number of sites that break if you offer TLS/1.2.