WCF HTTP Basic Authentication with SSL3 through Fiddler

I’m consuming a 3rd party REST api with WCF as documented here and it’s pretty slick, but I ran into a debugging issue when trying to debug my WebInvoke Method=”POST” [OperationContract] using Cassini & Fiddler due to these parts of the API Implementation:

  1. All access to the production system will be over SSL/TLS. HTTP Basic Authentication is used.
  2. The API I have to call doesn’t support the TLS security protocol (which is the default) but supports SSLv3.

I was able to connect directly through Cassini, but no Auth header was being passed through when Fiddler was running, which resulted in my REST calls returning 502 (Bad Gateway) errors.

The solution is impressively simple (Fiddler SO rocks), but it took me a bit of searching to find the answer, so here’s how I solved it:

  1. From within Fiddler, open Rules—>Customize Rules…
  2. In the CustomRules.js file that command opened, I did the following:

    a. I added this to the OnBeforeRequest function:

    if (oSession.uriContains("[api url goes here]")){
     oSession.oRequest.headers["Proxy-Authorization"] = "Basic ";

    b. I added this to the Main() function:

    CONFIG.oAcceptedServerHTTPSProtocols = System.Security.Authentication.SslProtocols.Ssl3;

Voila! That fixed it & enabled me to start—>run—>debug my REST calls.

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: