Altocumulus
AltocumulusHi Dario,
Thanks for the reply.
I had forced the Server-side connection to use a cipher that ssldump can understand:
BIG-IP to Web Server
New TCP connection #1: 10.0.100.9(34913) <-> 10.0.100.41(443)
1 1 0.0010 (0.0010) C>S Handshake
ClientHello
Version 3.3
cipher suites
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_EMPTY_RENEGOTIATION_INFO_SCSV
compression methods
NULL
Web Server to BIG-IP
1 2 0.0021 (0.0010) S>C Handshake
ServerHello
Version 3.3
session_id[32]=
de a8 c1 05 4f 25 f0 fc 5d ee 9c b1 d1 8c 20 63
4e 97 3a c7 f4 5d 4a 91 f0 db 4b 57 57 65 d2 e6
cipherSuite TLS_RSA_WITH_AES_128_GCM_SHA256
compressionMethod NULL
extensions
renegotiation_info
In production I also use the iRule to gather the RSA Session ID too which works fine on the server-side I just wanted to know if applying an iRule wasn't an option if this could be done with the SSLDump Utility
Cheers,
David
Hello.
Could you check if your ServerKeyExchange message is has a "not negotiated" value?
BTW, I recommend you this link to see interesting tips about ssldump
REF - https://packetpushers.net/using-ssldump-decode-ssltls-packets/
KR,
Dario.
