Need More Info
Last Updated: 06 Dec 2020 06:31 by Eric
Created on: 04 Dec 2020 14:03
Type: Bug Report
Cant connect to site with "Decrypt SSL traffic" option set

Hello dear fiddler support.


The bug i've found is: Fiddler doesn't support some encryption ciphers.


Recently I was trying to connect to site with "Decrypt SSL traffic" option set in fiddler to my genuine surprise i couldn't even connect to site.

I am using chrome 87.0.4280.88 64bit  and fiddler v5.0.20204.45441 for .NET 4.6.1

Without  "Decrypt SSL traffic" option set in Fiddler - chrome works fine.


So i decided to investigate what actually happen.

I run to site to check supported ciphers - here you can check it

and tried to reproduce the issue with wirshark  on.


In wire shark i can see that there is no ciphers supported by site 

Cipher Suites (24 suites)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
    Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
    Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
    Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
    Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
    Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
    Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
    Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
    Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)


Now i now what the issue is about.

My question is how to fix the problem with ciphers.

In my opinion you should somehow add it in Fiddler.





Posted on: 06 Dec 2020 06:31

On Windows 10 with TLS/1.2 enabled in Fiddler, there are two ciphers that the server and client have in common:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)   Forward Secrecy256

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)Forward Secrecy


if you're running Fiddler on an earlier version of Windows, it's possible that these ciphers aren't available even when TLS/1.3 is enabled.


(FWIW, "ssl3.0" should not be enabled in Fiddler except in very rare cases where the user knows that it's needed; if that's still enabled by default, it should probably be taken out.)


Nick Iliev
Posted on: 04 Dec 2020 14:32

Hello Vladimir,


With Google Chrome browser

version 86.0.4240.198 (Official Build) (64-bit) and


v5.0.20204.45441 for .NET 4.6.1
Built: Tuesday, November 3, 2020

I am able to successfully load and capture traffic from

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Fri, 04 Dec 2020 14:28:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 44335
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Link: <>; rel=""
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15724800; includeSubDomains


As noted here, Fiddler could not change the ciphers' availability, so you are probably facing a different issue. Check if you have enabled Fiddler to provide support for different protocol versions under Tools > Options > HTTPS  > Protocols. Mine looks like this




Nick Iliev
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at