New Fluxzy v2 just shipped. Electron is out, Tauri is in. gRPC ready, 3x smaller install. Learn more

setJa3FingerPrintAction Action

Override the JA3 fingerprint that Fluxzy presents during the TLS handshake so the upstream sees a specific client signature.

JA3 fingerprints turn the TLS handshake into a passive identifier of the client stack. With setJa3FingerPrintAction you decide which signature Fluxzy presents to the upstream, which is essential when an API filters by fingerprint or when you need to reproduce a captured session with byte for byte fidelity.

When to use this action

setJa3FingerPrintAction controls the JA3 fingerprint that Fluxzy advertises to the upstream during the TLS handshake. JA3 is a hash of selected TLS ClientHello fields, and many providers use it to identify the client behind the request.

Common reasons to set it:

  • Make the proxy connection look indistinguishable from a real browser to an upstream that filters by fingerprint.
  • Reproduce captured traffic by replaying the exact fingerprint of the original client.
  • Test how an upstream behaves when several clients share the same fingerprint.

Combine with impersonateAction when you need both a JA3 fingerprint and a matching set of HTTP headers and ALPN behaviour.

Real world examples

Apply a Chrome desktop fingerprint to API calls

Useful when an upstream blocks requests that do not look like a real browser. The fingerprint string is the JA3 hash that matches the target browser version.

rules:
- filter:
    typeKind: HostFilter
    pattern: api.partner.example.com
  actions:
  - typeKind: SetJa3FingerPrintAction
    value: 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-13-18-51-45-43-27-17513,29-23-24,0

Reuse a fingerprint captured from real traffic

Replay traffic against an upstream by feeding back the exact JA3 fingerprint observed during the original capture session.

rules:
- filter:
    typeKind: HostFilter
    pattern: legacy.example.com
  actions:
  - typeKind: SetJa3FingerPrintAction
    value: 771,4865-4867-4866-49195-49199,0-23-65281-10-11-35,29-23-24,0

Reference

setJa3FingerPrintAction

Description

Set a JA3 fingerprint of ongoing connection.

Evaluation scope

Evaluation scope defines the timing where this filter will be applied.

requestHeaderReceivedFromClient This scope occurs the moment fluxzy parsed the request header receiveid from client

YAML configuration name

setJa3FingerPrintAction

Settings

The following table describes the customizable properties available for this action:

Property Type Description DefaultValue
value string

Example of usage

This filter has no specific usage example

.NET reference

View definition of SetJa3FingerPrintAction for .NET integration.

See also

This action has no related action

Frequently asked questions

What is a JA3 fingerprint?

It is a hash computed over a specific list of TLS ClientHello fields: version, cipher suites, extensions, elliptic curves, and elliptic curve point formats. The exact format is documented by the JA3 project on GitHub.

How is this different from impersonateAction?

impersonateAction applies a full client profile, including HTTP headers and ALPN values, that matches a known browser. setJa3FingerPrintAction is lower level and only controls the JA3 portion of the TLS handshake.

Where do I get a valid JA3 value?

Capture it from the client you want to mimic, or pick a published value from the JA3 fingerprints database. Make sure the value matches the TLS stack you want Fluxzy to advertise.

Will this make Fluxzy undetectable?

No. Fingerprinting is one of many signals. JA3 alone does not bypass detection systems that also inspect headers, timing, or behavioural patterns.

Learn more about Fluxzy rules

Rule file syntax reference Importing YAML rules into Fluxzy Desktop Using rule files with Fluxzy CLI
Browse all directives