Forum Discussion
Hi Dario,
Thanks for the reply.
I had forced the Server-side connection to use a cipher that ssldump can understand:
BIG-IP to Web Server
New TCP connection #1: 10.0.100.9(34913) <-> 10.0.100.41(443)
1 1 0.0010 (0.0010) C>S Handshake
ClientHello
Version 3.3
cipher suites
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_EMPTY_RENEGOTIATION_INFO_SCSV
compression methods
NULL
Web Server to BIG-IP
1 2 0.0021 (0.0010) S>C Handshake
ServerHello
Version 3.3
session_id[32]=
de a8 c1 05 4f 25 f0 fc 5d ee 9c b1 d1 8c 20 63
4e 97 3a c7 f4 5d 4a 91 f0 db 4b 57 57 65 d2 e6
cipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256
compressionMethod NULL
extensions
renegotiation_info
In production I also use the iRule to gather the RSA Session ID too which works fine on the server-side I just wanted to know if applying an iRule wasn't an option if this could be done with the SSLDump Utility
Cheers,
David
- Sep 08, 2019
Hello.
Could you check if your ServerKeyExchange message is has a "not negotiated" value?
BTW, I recommend you this link to see interesting tips about ssldump
REF - https://packetpushers.net/using-ssldump-decode-ssltls-packets/
KR,
Dario.