Ho un problema con una macchina per la comunicazione della macchina, dove per me sembra che il nostro server riagganci il TCP durante l'handshake, ma non riesco a capire perché. Siamo stati in esecuzione per diversi mesi sulla stessa configurazione di certificati, ecc. Il nostro cliente ha presumibilmente cambiato solo il requisito di non supportare SSLv2. Ma questo non è un problema per il nostro server.
C'è qualcuno che ha qualche idea di cosa sta succedendo? Ci sono informazioni che vorresti fornire?
Di seguito è la conversazione TCP presa da Network Monitor:
server client TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
client server TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
client server TLS:TLS Rec Layer-1 HandShake: Client Hello.
server client TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
server client TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
client server TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
client server TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
client server TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
client server TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
server client TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
EDIT: 2014.11.12 - Aggiunta di ulteriori dettagli
Di seguito ho incluso informazioni dettagliate su TCP e TLS prtocol per ciascun frame di seguito.
E per fornire ulteriori informazioni, questa soluzione sono le applicazioni di integrazione che comunicano con SOAP su TLS. Questo ha funzionato bene fino a quando non sono stati effettuati diversi aggiornamenti sul lato client. Che cosa esattamente non sono stato in grado di ottenere informazioni complete, questa è una parte del cliente del governo ... Ma ogni richiesta SOAP da parte loro termina ora prima che l'handshake TLS sia fatto, nel modo esatto ogni volta. Non ho la possibilità di provare diverse configurazioni di server / client per questo problema come suggerito.
36962 18:15:51 09.12.2014 2914.4460297 (0) Server IP Client IP TCP TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
- Tcp: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
SrcPort: HTTPS(443)
DstPort: 42262
SequenceNumber: 1989100423 (0x768F4387)
AcknowledgementNumber: 2540094201 (0x9766C2F9)
- DataOffset: 160 (0xA0)
DataOffset: (1010....) 40 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: .E.A..S.
CWR: (0.......) CWR not significant
ECE: (.1......) ECN-Echo significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......1.) Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 8192 ( Negotiated scale factor 0x8 ) = 8192
Checksum: 0xEDDA, Bad
UrgentPointer: 0 (0x0)
- TCPOptions:
- MaxSegmentSize: 1
type: Maximum Segment Size. 2(0x2)
OptionLength: 4 (0x4)
MaxSegmentSize: 1460 (0x5B4)
- NoOption:
type: No operation. 1(0x1)
- WindowsScaleFactor: ShiftCount: 8
type: Window scale factor. 3(0x3)
Length: 3 (0x3)
ShiftCount: 8 (0x8)
- SACKPermitted:
type: SACK permitted. 4(0x4)
OptionLength: 2 (0x2)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 1421864 (0x15B228)
TimestampEchoReply: 86050255 (0x52105CF)
36963 18:15:51 09.12.2014 2914.4487184 (0) Client IP Server IP TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
- Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094201 (0x9766C2F9)
AcknowledgementNumber: 1989100424 (0x768F4388)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 23
Checksum: 0x1082, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050256 (0x52105D0)
TimestampEchoReply: 1421864 (0x15B228)
36969 18:15:51 09.12.2014 2914.4491115 (0) Client IP Server IP TLS TLS:TLS Rec Layer-1 HandShake: Client Hello.
- Tcp: Flags=...AP..., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=156, Seq=2540094201 - 2540094357, Ack=1989100424, Win=23
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094201 (0x9766C2F9)
AcknowledgementNumber: 1989100424 (0x768F4388)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...AP...
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....1...) Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 23
Checksum: 0xEBA1, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050256 (0x52105D0)
TimestampEchoReply: 1421864 (0x15B228)
TCPPayload: SourcePort = 42262, DestinationPort = 443
TLSSSLData: Transport Layer Security (TLS) Payload Data
- TLS: TLS Rec Layer-1 HandShake: Client Hello.
- TlsRecordLayer: TLS Rec Layer-1 HandShake:
ContentType: HandShake:
- Version: TLS 1.0
Major: 3 (0x3)
Minor: 1 (0x1)
Length: 151 (0x97)
- SSLHandshake: SSL HandShake ClientHello(0x01)
HandShakeType: ClientHello(0x01)
Length: 147 (0x93)
- ClientHello: TLS 1.2
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
- RandomBytes:
TimeStamp: 12/09/2014, 17:15:52 .0000 UTC
RandomBytes: Binary Large Object (28 Bytes)
SessionIDLength: 0 (0x0)
CipherSuitesLength: 78
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 { 0x00, 0xA3 }
Cipher: 163 (0xA3)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 { 0x00, 0x9F }
Cipher: 159 (0x9F)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 { 0x00, 0x6B }
Cipher: 107 (0x6B)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 { 0x00, 0x6A }
Cipher: 106 (0x6A)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_CBC_SHA { 0x00, 0x39 }
Cipher: 57 (0x39)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_CBC_SHA { 0x00, 0x38 }
Cipher: 56 (0x38)
- TLSCipherSuites: TLS_RSA_WITH_AES_256_GCM_SHA384 { 0x00, 0x9D }
Cipher: 157 (0x9D)
- TLSCipherSuites: TLS_RSA_WITH_AES_256_CBC_SHA256 { 0x00, 0x3D }
Cipher: 61 (0x3D)
- TLSCipherSuites: TLS_RSA_WITH_AES_256_CBC_SHA { 0x00, 0x35 }
Cipher: 53 (0x35)
- TLSCipherSuites: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x16}
Cipher: 22 (0x16)
- TLSCipherSuites: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA { 0x00,0x13 }
Cipher: 19 (0x13)
- TLSCipherSuites: TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A }
Cipher: 10 (0xA)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 { 0x00, 0xA2 }
Cipher: 162 (0xA2)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 { 0x00, 0x9E }
Cipher: 158 (0x9E)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 { 0x00, 0x67 }
Cipher: 103 (0x67)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 { 0x00, 0x40 }
Cipher: 64 (0x40)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_CBC_SHA { 0x00, 0x33 }
Cipher: 51 (0x33)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_CBC_SHA { 0x00, 0x32 }
Cipher: 50 (0x32)
- TLSCipherSuites: TLS_RSA_WITH_AES_128_GCM_SHA256 { 0x00, 0x9C }
Cipher: 156 (0x9C)
- TLSCipherSuites: TLS_RSA_WITH_AES_128_CBC_SHA256 { 0x00, 0x3C }
Cipher: 60 (0x3C)
- TLSCipherSuites: TLS_RSA_WITH_AES_128_CBC_SHA { 0x00, 0x2F }
Cipher: 47 (0x2F)
- TLSCipherSuites: TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA { 0x00, 0x66 }
Cipher: 102 (0x66)
- TLSCipherSuites: TLS_RSA_WITH_RC4_128_SHA { 0x00,0x05 }
Cipher: 5 (0x5)
- TLSCipherSuites: TLS_RSA_WITH_RC4_128_MD5 { 0x00,0x04 }
Cipher: 4 (0x4)
- TLSCipherSuites: TLS_NTRU_NSS_WITH_AES_128_CBC_SHA { 0x00, 0x63 }
Cipher: 99 (0x63)
- TLSCipherSuites: TLS_DHE_RSA_WITH_DES_CBC_SHA { 0x00,0x15 }
Cipher: 21 (0x15)
- TLSCipherSuites: TLS_DHE_DSS_WITH_DES_CBC_SHA { 0x00,0x12 }
Cipher: 18 (0x12)
- TLSCipherSuites: TLS_NTRU_NSS_WITH_3DES_EDE_CBC_SHA { 0x00, 0x62 }
Cipher: 98 (0x62)
- TLSCipherSuites: TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 }
Cipher: 9 (0x9)
- TLSCipherSuites: TLS_NTRU_NSS_WITH_RC4_128_SHA { 0x00, 0x61 }
Cipher: 97 (0x61)
- TLSCipherSuites: TLS_NTRU_RSA_WITH_RC4_128_SHA { 0x00, 0x65 }
Cipher: 101 (0x65)
- TLSCipherSuites: TLS_NTRU_NSS_WITH_AES_256_CBC_SHA { 0x00, 0x64 }
Cipher: 100 (0x64)
- TLSCipherSuites: Unknown Cipher
Cipher: 96 (0x60)
- TLSCipherSuites: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x14 }
Cipher: 20 (0x14)
- TLSCipherSuites: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x11 }
Cipher: 17 (0x11)
- TLSCipherSuites: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x08 }
Cipher: 8 (0x8)
- TLSCipherSuites: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 { 0x00,0x06 }
Cipher: 6 (0x6)
- TLSCipherSuites: TLS_RSA_EXPORT_WITH_RC4_40_MD5 { 0x00,0x03 }
Cipher: 3 (0x3)
- TLSCipherSuites: Unknown Cipher
Cipher: 255 (0xFF)
CompressionMethodsLength: 1 (0x1)
CompressionMethods: 0 (0x0)
ExtensionsLength: 28 (0x1C)
- ClientHelloExtension: Signature Algorithms(0x000D)
ExtensionType: Signature Algorithms(0x000D)
ExtensionLength: 24 (0x18)
Data: Binary Large Object (24 Bytes)
36972 18:15:51 09.12.2014 2914.4512965 (0) Server IP Client IP TCP TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
- Tcp: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
SrcPort: HTTPS(443)
DstPort: 42262
SequenceNumber: 1989100424 (0x768F4388)
AcknowledgementNumber: 2540094357 (0x9766C395)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 2081 (scale factor 0x0) = 2081
Checksum: 0xEDD2, Bad
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 1421865 (0x15B229)
TimestampEchoReply: 86050256 (0x52105D0)
36975 18:15:51 09.12.2014 2914.4548786 (4) Server IP Client IP TLS TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
- Tcp: [Bad CheckSum]Flags=...AP..., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=3396, Seq=1989100424 - 1989103820, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
SrcPort: HTTPS(443)
DstPort: 42262
SequenceNumber: 1989100424 (0x768F4388)
AcknowledgementNumber: 2540094357 (0x9766C395)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...AP...
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....1...) Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 2081 (scale factor 0x0) = 2081
Checksum: 0xEDB2, Bad
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 1421865 (0x15B229)
TimestampEchoReply: 86050256 (0x52105D0)
TCPPayload: SourcePort = 443, DestinationPort = 42262
TLSSSLData: Transport Layer Security (TLS) Payload Data
- TLS: TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
- TlsRecordLayer: TLS Rec Layer-1 HandShake:
ContentType: HandShake:
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
Length: 3391 (0xD3F)
- SSLHandshake: SSL HandShake Server Hello Done(0x0E)
HandShakeType: ServerHello(0x02)
Length: 77 (0x4D)
- ServerHello: 0x1
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
- RandomBytes:
TimeStamp: 12/09/2014, 17:15:51 .0000 UTC
RandomBytes: Binary Large Object (28 Bytes)
SessionIDLength: 32 (0x20)
SessionID: Binary Large Object (32 Bytes)
TLSCipherSuite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 { 0x00, 0x9F }
CompressionMethods: 0 (0x0)
ExtensionsLength: 5 (0x5)
- ServerHelloExtension: Renegotiation Info(0xFF01)
ExtensionType: Renegotiation Info(0xFF01)
ExtensionLength: 1 (0x1)
Data: Binary Large Object (1 Bytes)
HandShakeType: Certificate(0x0B)
Length: 2648 (0xA58)
- Cert: 0x1
CertLength: 2645 (0xA55)
+ Certificates:
+ Certificates:
HandShakeType: Server Key Exchange(0x0C)
Length: 650 (0x28A)
ServerKeyExchange: Binary Large Object (650 Bytes)
HandShakeType: Server Hello Done(0x0E)
Length: 0 (0x0)
36976 18:15:51 09.12.2014 2914.4577770 (0) Client IP Server IP TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
- Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094357 (0x9766C395)
AcknowledgementNumber: 1989101872 (0x768F4930)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 35
Checksum: 0xA2F, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050258 (0x52105D2)
TimestampEchoReply: 1421865 (0x15B229)
36980 18:15:51 09.12.2014 2914.4581476 (0) Client IP Server IP TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
- Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094357 (0x9766C395)
AcknowledgementNumber: 1989103320 (0x768F4ED8)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 46
Checksum: 0x47C, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050258 (0x52105D2)
TimestampEchoReply: 1421865 (0x15B229)
36983 18:15:51 09.12.2014 2914.4582581 (0) Client IP Server IP TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
- Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094357 (0x9766C395)
AcknowledgementNumber: 1989103820 (0x768F50CC)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 57
Checksum: 0x27D, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050258 (0x52105D2)
TimestampEchoReply: 1421865 (0x15B229)
36987 18:15:51 09.12.2014 2914.4613152 (0) Client IP Server IP TLS TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
- Tcp: Flags=...AP..., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=190, Seq=2540094357 - 2540094547, Ack=1989103820, Win=57
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094357 (0x9766C395)
AcknowledgementNumber: 1989103820 (0x768F50CC)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...AP...
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....1...) Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 57
Checksum: 0x63CB, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050259 (0x52105D3)
TimestampEchoReply: 1421865 (0x15B229)
TCPPayload: SourcePort = 42262, DestinationPort = 443
TLSSSLData: Transport Layer Security (TLS) Payload Data
- TLS: TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
- TlsRecordLayer: TLS Rec Layer-1 HandShake:
ContentType: HandShake:
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
Length: 134 (0x86)
- SSLHandshake: SSL HandShake Client Key Exchange(0x10)
HandShakeType: Client Key Exchange(0x10)
Length: 130 (0x82)
ClientKeyExchange: Binary Large Object (130 Bytes)
- TlsRecordLayer: TLS Rec Layer-2 Cipher Change Spec
ContentType: Cipher Change Spec
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
Length: 1 (0x1)
- ChangeCipherSpec: 0x1
ChangeCipherSpecValue: 1 (0x1)
- TlsRecordLayer: TLS Rec Layer-3 HandShake:
ContentType: HandShake:
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
Length: 40 (0x28)
- SSLHandshake: SSL HandShake Client Key Exchange(0x10)
EncryptedHandshakeMessage: Binary Large Object (40 Bytes)
36993 18:15:51 09.12.2014 2914.4634018 (4) Server IP Client IP TCP TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
- Tcp: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
SrcPort: HTTPS(443)
DstPort: 42262
SequenceNumber: 1989103820 (0x768F50CC)
AcknowledgementNumber: 2540094547 (0x9766C453)
- DataOffset: 80 (0x50)
DataOffset: (0101....) 20 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A.R..
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....1..) Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 0 (scale factor 0x0) = 0
Checksum: 0xEDC6, Bad
UrgentPointer: 0 (0x0)
EDIT: 2014.12.12 problema risolto
Il problema reale era dovuto a un securitypatch da MS ( link ). E il lato client era cambiato dall'avere TLS1.0 come predefinito preferito per TLS1.2. Con la patch sopra menzionata da MS funziona bene per comunicare con TLS1.0, ma non con TLS1.1 o TLS1.2. La soluzione finale era disabilitare l'uso di questi nuovi codici sul lato server. Ora entrambe le parti parlano felicemente insieme su TLS1.2.
Grazie a tutti per il tuo tempo.
Saluti
Roy