Troubleshooting TLS Problems With ssldump
Introduction
Transport Layer Security (TLS) is used to secure network communications between two hosts. TLS largely replaced SSL (Secure Sockets Layer) starting in 1999, but many browsers still pr...
Published Oct 14, 2010
Version 1.0
George_Watkins_
Historic F5 Account
Joined September 17, 2008
Yaoxie_117356
Jun 03, 2015
Nimbostratus
Not quite sure if this is related to the version, but I did a quick test for scenario 1 and I can see a different result.
[root@V11full:Active:Standalone] config ssldump -Aed -ni 0.0 host 8.8.100.80
New TCP connection 1: 8.8.100.189(2078) <-> 8.8.100.80(443)
1 1 1433322027.9875 (0.0095) C>SV3.1(206) Handshake
ClientHello
Version 3.3
random[32]=
dd c0 f4 f7 b7 37 88 93 6b ed b5 63 1e 94 ba 32
50 85 d3 24 d9 99 df 98 b6 84 d8 53 91 fa da c6
resume [32]=
03 1f 85 14 6b c7 9c a4 5d 21 31 3c ec 3c 4a fb
0f 6b cb 1d 31 a2 06 7b d1 9e 95 d1 3b 94 09 f4
cipher suites
Unknown value 0xc02b
Unknown value 0xc02f
Unknown value 0xc00a
Unknown value 0xc009
Unknown value 0xc013
Unknown value 0xc014
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
compression methods
NULL
Unknown SSL content type 72
1 2 1433322027.9891 (0.0015) S>CShort record
1 1433322027.9891 (0.0000) S>C TCP FIN
1 3 1433322027.9893 (0.0002) C>SV3.3(2) Alert
level fatal
value unexpected_message
1 1433322028.0057 (0.0163) C>S TCP RST
In Scenario, I restricted clientssl cipher to LOW and ssldump showed
[root@V11full:Active:Standalone] config ssldump -Aed -ni 0.0 host 8.8.100.80
New TCP connection 1: 8.8.100.189(2092) <-> 8.8.100.80(443)
1 1 1433322410.8985 (0.0201) C>SV3.1(174) Handshake
ClientHello
Version 3.3
random[32]=
0f cc 92 66 88 78 bc 53 d9 38 ad 2e cc 65 b9 25
9a 69 02 3b 55 20 dc 72 16 99 21 b2 9d 64 1f df
cipher suites
Unknown value 0xc02b
Unknown value 0xc02f
Unknown value 0xc00a
Unknown value 0xc009
Unknown value 0xc013
Unknown value 0xc014
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
compression methods
NULL
1 2 1433322410.8985 (0.0000) S>CV3.3(2) Alert
level fatal
value handshake_failure
1 1433322410.8986 (0.0000) S>C TCP FIN
1 1433322410.9205 (0.0219) C>S TCP FIN
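An added example, not part of the original article or the comment above: a small parser for this style of ssldump output that resolves the `Unknown value 0x....` cipher suite lines to their IANA names and reports which side sent each alert. The names `summarize`, `IANA` and `SAMPLE` are assumptions made for this example, and the sample is trimmed from the second trace in the comment.

```python
import re

# IANA names for the code points ssldump printed as "Unknown value" above.
IANA = {
    0xC009: "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
    0xC00A: "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
    0xC013: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    0xC014: "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}
# Record header: connection, record number, timestamp, (delta), direction.
RECORD = re.compile(r"^\d+\s+\d+\s+[\d.]+\s+\([\d.]+\)\s+([CS])>[CS]")
UNKNOWN = re.compile(r"^Unknown value (0x[0-9a-fA-F]+)$")

def summarize(trace):
    """Return (offered suites with unknowns resolved, [(sender, level, alert)])."""
    suites, alerts = [], []
    in_suites, sender, level = False, None, None
    for line in map(str.strip, trace.splitlines()):
        rec = RECORD.match(line)
        if rec:
            in_suites, level = False, None
            sender = "client" if rec.group(1) == "C" else "server"
        elif line == "cipher suites":
            in_suites = True
        elif line == "compression methods":
            in_suites = False
        elif in_suites and line:
            unk = UNKNOWN.match(line)
            suites.append(IANA.get(int(unk.group(1), 16), line) if unk else line)
        elif line.startswith("level "):
            level = line.split()[1]
        elif line.startswith("value ") and level:
            alerts.append((sender, level, line.split()[1]))
            level = None
    return suites, alerts

# Trimmed from the second trace in the comment above (some lines omitted).
SAMPLE = """1 1 1433322410.8985 (0.0201) C>SV3.1(174) Handshake
cipher suites
Unknown value 0xc02b
Unknown value 0xc014
TLS_RSA_WITH_3DES_EDE_CBC_SHA
compression methods
1 2 1433322410.8985 (0.0000) S>CV3.3(2) Alert
level fatal
value handshake_failure"""
print(summarize(SAMPLE))
```

Run over both traces, the alert sender is what separates them: in the first the client sends the fatal `unexpected_message`, in the second the server sends the fatal `handshake_failure` straight after the ClientHello.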