We have been in the process of deploying HAProxy as an SSL terminator
between our client software and back end services. In the testing
phases, everything is working great and looking good with one
exception: Some old client software that utilizes a Java SSL
implementation fails to connect and we end up with logs like this:

[20/Feb/2015:15:49:51.632] https_frontend~ https_frontend/<NOSRV> -1/-1/-1/-1/23 400 187 - - CR-- 0/0/0/0/0 0/0 "<BADREQ>"

Without HAProxy in the mix, these same clients connect up to our
Mochiweb services (via SSL) just fine. Additionally, our newer clients
that are OpenSSL based communicate with HAProxy (termination) ->
Mochiweb (via HTTP) just fine as well.
From what I can tell, it appears as though we may have a combination
of two bad things:
1) Clients sending some sort of non-standard handshake
2) Mochiweb has been allowing it.
Some additional gritty details:
* socat 'show errors' shows 0 errors
* The same bad clients fail to connect to an OpenSSL s_server (logs below)
Since we can't even properly connect to s_server, that may be the end
of the road for those clients. However, I'm hoping there may be
something that could be configured to allow them through HAProxy.
Below is an s_server log. Note the read failure at the end. A similar
capture in the view of Wireshark is below that. Lastly, *with* HAProxy
when the NOSRV/BADREQ is issued, the client is sent an encrypted 400
Bad Request.
Any help/tips appreciated! This represents a large client base that
unfortunately cannot be updated for the time being. If we cannot go
through HAProxy directly, the next step is to figure out a way to
route old clients around it :(
------/snip/------
sudo openssl s_server -accept 443 -cert ~/Downloads/json_rpc_server_cert_and_key.pem -msg -debug -state
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
SSL_accept:before/accept initialization
read from 0x1a43e90 [0x1a49580] (11 bytes => 11 (0xB))
0000 - 16 03 01 00 d3 01 00 00-cf 03 01 ...........
read from 0x1a43e90 [0x1a4958e] (205 bytes => 205 (0xCD))
<<< TLS 1.0 Handshake [length 00d3], ClientHello
SSL_accept:SSLv3 read client hello A
>>> TLS 1.0 Handshake [length 0051], ServerHello
write to 0x1a43e90 [0x1a53070] (86 bytes => 86 (0x56))
SSL_accept:SSLv3 write server hello A
>>> TLS 1.0 Handshake [length 02f3], Certificate
write to 0x1a43e90 [0x1a53070] (760 bytes => 760 (0x2F8))
SSL_accept:SSLv3 write certificate A
>>> TLS 1.0 Handshake [length 0004], ServerHelloDone
0e 00 00 00
write to 0x1a43e90 [0x1a53070] (9 bytes => 9 (0x9))
0000 - 16 03 01 00 04 0e ......
0009 - <SPACES/NULS>
SSL_accept:SSLv3 write server done A
SSL_accept:SSLv3 flush data
read from 0x1a43e90 [0x1a49583] (5 bytes => 5 (0x5))
0000 - 16 03 01 00 86 .....
read from 0x1a43e90 [0x1a49588] (134 bytes => 134 (0x86))
<<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
SSL_accept:SSLv3 read client key exchange A
read from 0x1a43e90 [0x1a49583] (5 bytes => 5 (0x5))
0000 - 14 03 01 00 01 .....
read from 0x1a43e90 [0x1a49588] (1 bytes => 1 (0x1))
0000 - 01 .
<<< TLS 1.0 ChangeCipherSpec [length 0001]
01
read from 0x1a43e90 [0x1a49583] (5 bytes => 5 (0x5))
0000 - 16 03 01 ...
0005 - <SPACES/NULS>
read from 0x1a43e90 [0x1a49588] (32 bytes => 32 (0x20))
0000 - f9 4f 74 8c 9d 2c 7e c4-e8 c0 f2 72 68 d7 3a 70 .Ot..,~....rh.:p
0010 - b4 e7 5f f4 2d 17 b7 0b-ff 18 9b 05 ba b2 02 44 .._.-..........D
<<< TLS 1.0 Handshake [length 0010], Finished
14 00 00 0c c4 15 ff ca 5e b0 3d 81 49 b3 dd db
SSL_accept:SSLv3 read finished A
>>> TLS 1.0 ChangeCipherSpec [length 0001]
01
write to 0x1a43e90 [0x1a53070] (6 bytes => 6 (0x6))
0000 - 14 03 01 00 01 01 ......
SSL_accept:SSLv3 write change cipher spec A
>>> TLS 1.0 Handshake [length 0010], Finished
14 00 00 0c 4f c2 ab 81 23 af 49 11 d7 24 99 b2
write to 0x1a43e90 [0x1a53070] (37 bytes => 37 (0x25))
0000 - 16 03 01 00 20 c7 af c7-a8 78 d2 76 b4 f4 14 c5 .... ....x.v....
0010 - c6 dc 6e 15 50 f6 97 88-45 34 8b 83 f9 0f 5b 61 ..n.P...E4....[a
0020 - b0 59 ec f9 44 .Y..D
SSL_accept:SSLv3 write finished A
SSL_accept:SSLv3 flush data
-----BEGIN SSL SESSION PARAMETERS-----
MHUCAQECAgMBBAIABAQg6gGp7hdxOQJwLMyaGa+bqGlNtDb4cAsXT9kQ5EaFGmUE
MATzzO7eEwDtYjn2TbjGIm6VsYhd32KdmaNYEnQXckz0Ekj66h/RN0f1NTyVj2RJ
/6EGAgRU0lm2ogQCAgEspAYEBAEAAAA=
-----END SSL SESSION PARAMETERS-----
Shared
ciphers:RC4-MD5:RC4-SHA:AES128-SHA:AES256-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-AES256-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:EXP-RC4-MD5:EXP-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA
CIPHER is RC4-MD5
Secure Renegotiation IS supported
read from 0x1a43e90 [0x1a49583] (5 bytes => 0 (0x0))
ERROR
shutting down SSL
CONNECTION CLOSED
ACCEPT
------/snip/------
Wireshark log:
No. Time Source Destination Protocol Length Info
9 9.573116 10.1.1.93 10.3.2.118 TLSv1 250 Client Hello
Frame 9: 250 bytes on wire (2000 bits), 250 bytes captured (2000 bits)
Ethernet II, Src: 98:3b:16:19:a0:5b (98:3b:16:19:a0:5b), Dst: Intel_45:b7:78 (00:04:23:45:b7:78)
Internet Protocol Version 4, Src: 10.1.1.93 (10.1.1.93), Dst: 10.3.2.118 (10.3.2.118)
Transmission Control Protocol, Src Port: 59489 (59489), Dst Port: https (443), Seq: 1, Ack: 1, Len: 184
Secure Sockets Layer
TLSv1 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 179
Handshake Protocol: Client Hello
Handshake Type: Client Hello (1)
Length: 175
Version: TLS 1.0 (0x0301)
Random
Session ID Length: 0
Cipher Suites Length: 70
Cipher Suites (35 suites)
Compression Methods Length: 1
Compression Methods (1 method)
Extensions Length: 64
Extension: ec_point_formats
Type: ec_point_formats (0x000b)
Length: 4
EC point formats Length: 3
Elliptic curves point formats (3)
Extension: elliptic_curves
Type: elliptic_curves (0x000a)
Length: 52
Elliptic Curves Length: 50
Elliptic curves (25 curves)
No. Time Source Destination Protocol Length Info
11 9.590247 10.3.2.118 10.1.1.93 TLSv1 921 Server Hello, Certificate, Server Hello Done
Frame 11: 921 bytes on wire (7368 bits), 921 bytes captured (7368 bits)
Ethernet II, Src: Intel_45:b7:78 (00:04:23:45:b7:78), Dst: 98:3b:16:19:a0:5b (98:3b:16:19:a0:5b)
Internet Protocol Version 4, Src: 10.3.2.118 (10.3.2.118), Dst: 10.1.1.93 (10.1.1.93)
Transmission Control Protocol, Src Port: https (443), Dst Port: 59489 (59489), Seq: 1, Ack: 185, Len: 855
Secure Sockets Layer
TLSv1 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 81
Handshake Protocol: Server Hello
Handshake Type: Server Hello (2)
Length: 77
Version: TLS 1.0 (0x0301)
Random
Session ID Length: 32
Session ID: 2ff8e67f1f2692161b5fe0a27c48568e33be0c31042f52a2...
Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
Compression Method: null (0)
Extensions Length: 5
Extension: renegotiation_info
Type: renegotiation_info (0xff01)
Length: 1
Data (1 byte)
TLSv1 Record Layer: Handshake Protocol: Certificate
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 755
Handshake Protocol: Certificate
Handshake Type: Certificate (11)
Length: 751
Certificates Length: 748
Certificates (748 bytes)
TLSv1 Record Layer: Handshake Protocol: Server Hello Done
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 4
Handshake Protocol: Server Hello Done
Handshake Type: Server Hello Done (14)
Length: 0
No. Time Source Destination Protocol Length Info
13 9.600819 10.1.1.93 10.3.2.118 TLSv1 248 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
Frame 13: 248 bytes on wire (1984 bits), 248 bytes captured (1984 bits)
Ethernet II, Src: 98:3b:16:19:a0:5b (98:3b:16:19:a0:5b), Dst: Intel_45:b7:78 (00:04:23:45:b7:78)
Internet Protocol Version 4, Src: 10.1.1.93 (10.1.1.93), Dst: 10.3.2.118 (10.3.2.118)
Transmission Control Protocol, Src Port: 59489 (59489), Dst Port: https (443), Seq: 185, Ack: 856, Len: 182
Secure Sockets Layer
TLSv1 Record Layer: Handshake Protocol: Client Key Exchange
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 134
Handshake Protocol: Client Key Exchange
Handshake Type: Client Key Exchange (16)
Length: 130
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
Content Type: Change Cipher Spec (20)
Version: TLS 1.0 (0x0301)
Length: 1
Change Cipher Spec Message
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 32
Handshake Protocol: Encrypted Handshake Message
No. Time Source Destination Protocol Length Info
14 9.608309 10.3.2.118 10.1.1.93 TLSv1 109 Change Cipher Spec, Encrypted Handshake Message
Frame 14: 109 bytes on wire (872 bits), 109 bytes captured (872 bits)
Ethernet II, Src: Intel_45:b7:78 (00:04:23:45:b7:78), Dst: 98:3b:16:19:a0:5b (98:3b:16:19:a0:5b)
Internet Protocol Version 4, Src: 10.3.2.118 (10.3.2.118), Dst: 10.1.1.93 (10.1.1.93)
Transmission Control Protocol, Src Port: https (443), Dst Port: 59489 (59489), Seq: 856, Ack: 367, Len: 43
Secure Sockets Layer
TLSv1 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
Content Type: Change Cipher Spec (20)
Version: TLS 1.0 (0x0301)
Length: 1
Change Cipher Spec Message
TLSv1 Record Layer: Handshake Protocol: Encrypted Handshake Message
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 32
Handshake Protocol: Encrypted Handshake Message
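
An added example, not part of the original post and not HAProxy's own code: a small parser for the HAProxy HTTP log line quoted at the top of the message, decoding its timers and the `CR--` termination state. The field order and flag meanings follow HAProxy's documented default HTTP log format; the names `parse_line`, `diagnose`, `FIRST` and `SECOND` are hypothetical, and only a subset of the termination flags is listed.

```python
import re

# Log line exactly as quoted in the post (the syslog prefix and the client
# address were not included there).
SAMPLE = ('[20/Feb/2015:15:49:51.632] https_frontend~ https_frontend/<NOSRV> '
          '-1/-1/-1/-1/23 400 187 - - CR-- 0/0/0/0/0 0/0 "<BADREQ>"')

# accept date, frontend, backend/server, Tq/Tw/Tc/Tr/Tt, status, bytes,
# captured cookies, termination state, connection counters, queues, request
LINE_RE = re.compile(
    r'\[(?P<accept_date>[^\]]+)\] (?P<frontend>\S+) '
    r'(?P<backend>[^/\s]+)/(?P<server>\S+) '
    r'(?P<timers>[-+]?\d+(?:/[-+]?\d+){4}) '
    r'(?P<status>-?\d+) (?P<bytes>\+?\d+) '
    r'(?P<req_cookie>\S+) (?P<resp_cookie>\S+) (?P<term>\S{4}) '
    r'(?P<conns>\d+(?:/\d+){4}) (?P<queues>\d+/\d+) "(?P<request>[^"]*)"')

# First flag: what ended the session. Second flag: what the session was
# doing when it ended. (Subset of the documented values.)
FIRST = {'C': 'TCP session aborted by the client',
         'S': 'TCP session aborted or refused by the server',
         'P': 'session aborted by the proxy',
         'c': 'client-side timeout expired',
         's': 'server-side timeout expired',
         '-': 'normal completion'}
SECOND = {'R': 'waiting for a complete, valid request from the client',
          'Q': 'waiting in the queue for a connection slot',
          'C': 'waiting for the connection to the server to establish',
          'H': 'waiting for complete response headers from the server',
          'D': 'data phase',
          '-': 'normal completion'}

def parse_line(line):
    """Split one HTTP-format log line into named fields."""
    m = LINE_RE.search(line)
    if m is None:
        raise ValueError('not an HAProxy HTTP log line')
    rec = m.groupdict()
    names = ('Tq', 'Tw', 'Tc', 'Tr', 'Tt')
    rec['timers'] = dict(zip(names, map(int, rec['timers'].split('/'))))
    rec['tls_frontend'] = rec['frontend'].endswith('~')  # '~' marks SSL
    return rec

def diagnose(rec):
    """Turn the termination state and timers into readable notes."""
    t = rec['term']
    notes = ['%s; session state: %s' % (FIRST.get(t[0], 'unknown flag'),
                                        SECOND.get(t[1], 'unknown flag'))]
    if rec['timers']['Tq'] == -1:
        notes.append('no complete HTTP request was received (Tq = -1)')
    if rec['server'] == '<NOSRV>':
        notes.append('no server was selected for this session')
    if rec['tls_frontend']:
        notes.append('connection arrived on an SSL listener')
    return notes

if __name__ == '__main__':
    print('\n'.join(diagnose(parse_line(SAMPLE))))
```

For the line in the post this reports a client-side abort while HAProxy was still waiting for the HTTP request, which lines up with the zero-byte read at the end of the s_server log.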