Chrome fails to respond to SSL Server hello

David_M

Cirrostratus

Aug 21, 2019

Hi Lidev,

I did ssldump -nr on the pcap as I do not have the keys right now to decrypt.

But I just see the same RSTs there and nothing specific, maybe I am missing something.

Also I see application data after serverhello done without the client key exchange msgs. .

I am looking at the connection 20.

New TCP connection #20: 10.12.119.147(52927) <-> 192.168.3.81(443)
19 1  0.0258 (0.0258)  C>S  Handshake
      ClientHello
        Version 3.3 
        resume [32]=
          3e 86 32 ce 63 41 29 3d 44 cf a3 e4 61 9e e9 23 
          09 61 e9 86 de ed c7 23 29 c6 23 4d de 77 0e 05 
        cipher suites
        Unknown value 0x2a2a
        Unknown value 0x1301
        Unknown value 0x1302
        Unknown value 0x1303
        TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        Unknown value 0xcca9
        Unknown value 0xcca8
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
        TLS_RSA_WITH_AES_128_GCM_SHA256
        TLS_RSA_WITH_AES_256_GCM_SHA384
        TLS_RSA_WITH_AES_128_CBC_SHA
        TLS_RSA_WITH_AES_256_CBC_SHA
        TLS_RSA_WITH_3DES_EDE_CBC_SHA
        compression methods
                  NULL
20 1  0.0264 (0.0264)  C>S  Handshake
      ClientHello
        Version 3.3 
        resume [32]=
          01 5f 57 a0 b6 14 b7 ff 13 63 04 0f 5b 99 29 3c 
          42 a2 0f 51 2a 07 a0 24 2e 8d 68 64 ec b3 0c 81 
        cipher suites
        Unknown value 0xa0a
        Unknown value 0x1301
        Unknown value 0x1302
        Unknown value 0x1303
        TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        Unknown value 0xcca9
        Unknown value 0xcca8
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
        TLS_RSA_WITH_AES_128_GCM_SHA256
        TLS_RSA_WITH_AES_256_GCM_SHA384
        TLS_RSA_WITH_AES_128_CBC_SHA
        TLS_RSA_WITH_AES_256_CBC_SHA
        TLS_RSA_WITH_3DES_EDE_CBC_SHA
        compression methods
                  NULL
19 2  0.0266 (0.0008)  S>C  Handshake
      ServerHello
        Version 3.3 
        session_id[32]=
          20 ff 53 89 55 a3 a6 cc c9 86 dc 09 7f ab 0e 10 
          55 4d c2 22 93 bd d2 66 cb 67 56 bc cc bb de a5 
        cipherSuite         TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        compressionMethod                   NULL
19 3  0.0266 (0.0000)  S>C  Handshake
      Certificate
19 4  0.0266 (0.0000)  S>C  Handshake
      ServerKeyExchange
19 5  0.0266 (0.0000)  S>C  Handshake
      ServerHelloDone
20 2  0.0273 (0.0008)  S>C  Handshake
      ServerHello
        Version 3.3 
        session_id[32]=
          38 37 2b 80 ed 5a fe 45 e1 be b0 8a 14 63 66 89 
          53 0a e9 03 aa 74 2c c4 e3 3f be 84 64 73 36 1d 
        cipherSuite         TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        compressionMethod                   NULL
20 3  0.0273 (0.0000)  S>C  Handshake
      Certificate
20 4  0.0273 (0.0000)  S>C  Handshake
      ServerKeyExchange
20 5  0.0273 (0.0000)  S>C  Handshake
      ServerHelloDone
12 19 1.5286 (0.2182)  C>S  application_data
12 20 1.5373 (0.0086)  S>C  application_data
12 21 1.7430 (0.2057)  C>S  application_data
12 22 1.7536 (0.0105)  S>C  application_data
12 23 1.9602 (0.2066)  C>S  application_data
12 24 1.9679 (0.0077)  S>C  application_data
12 25 2.1770 (0.2091)  C>S  application_data
12 26 2.2036 (0.0265)  S>C  application_data
12 27 2.2036 (0.0000)  S>C  application_data
12 28 2.2036 (0.0000)  S>C  application_data
12 29 2.4217 (0.2181)  C>S  application_data
12 30 2.4349 (0.0131)  S>C  application_data
12 31 2.4349 (0.0000)  S>C  application_data
12 32 2.6403 (0.2053)  C>S  application_data
12 33 2.6522 (0.0118)  S>C  application_data
12 34 2.8569 (0.2047)  C>S  application_data
12 35 2.8708 (0.0138)  S>C  application_data
12 36 3.0776 (0.2067)  C>S  application_data
12 37 3.0878 (0.0101)  S>C  application_data
12 38 3.2913 (0.2035)  C>S  application_data
12 39 3.3268 (0.0354)  S>C  application_data
12 40 3.3268 (0.0000)  S>C  application_data
12    3.5435 (0.2166)  C>S  TCP FIN
12    3.5435 (0.0000)  S>C  TCP FIN
New TCP connection #21: 192.168.2.31(61316) <-> 10.1.54.32(7779)
21    0.0045 (0.0045)  C>S  TCP FIN
21    0.0068 (0.0022)  S>C  TCP FIN
New TCP connection #22: 192.168.2.31(54520) <-> 10.1.54.31(7779)
22    0.0058 (0.0058)  C>S  TCP FIN
22    0.0060 (0.0002)  S>C  TCP FIN
20    10.0023 (9.9750)  S>C  TCP RST
19    10.0025 (9.9759)  S>C  TCP RST
19    10.0025 (9.9759)  S>C  TCP RST

Attaching it here anyway.

Thanks.

Forum Discussion

Chrome fails to respond to SSL Server hello

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

Cisco TACACS+ Config on ISE LTM Pair

Related Content

Apple’s MIE, Fake Chrome Ext, and C2PA Content Credentials in Google Pixel

Chrome V 124+ on MacOS - Virtual Server Access Issue

Web UI Tweaks Chrome plugin

Google and Chrome proposed split, CISA insights, AI OSS-Fuzz, Roundup

F5 MCP(Model Context Protocol) Server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS