SSLDump

Question

Hi,&nbsp;
Can any one explain me the the SSLdump below ?
&nbsp;

p_k · Answer

It looks like something wrong about clients key or client encryption settings. TCPDUMP might help!  
&nbsp;
Also check this article  
&nbsp;
ChangeCipherSpec (client)&nbsp;
During the client's ChangeCipherSpec phase, the client initializes the options that were negotiated by both parties. This phase marks the point when the parties change the secure channel parameters from using asymmetric (public key) to symmetric (shared key) encryption. A handshake failure during this phase may relate to SSL message corruption or issues with the SSL implementation itself. [Content copied from article]&nbsp;

jaikumar_f5 · Answer

From what I could see, Version 3.1 means, its on Tls 1.1. So your client intiated handshake on tls1.1 and server (F5) also negotiates with the same. But its then failing in the changecipherspec. Definitely it hasn't gone to server-side connection yet. Its still on the client-side connection and failing. I would check on the clientssl profile ciphers and try troubleshooting.

Forum Discussion

SSLDump

2 Replies

Recent Discussions

F5Access | MacOS Sonoma

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Troubleshooting TLS Problems With ssldump

Shortcut script to easily extract the Pre-Master Secret from a capture with ssldump

TLS 1.2 for ssldump data decrypt revisited

Giving back to the Dev Community: ssldump data decrypt

ssldump not working for client side decrypt (tried everything)