cancel
Showing results for 
Search instead for 
Did you mean: 

HTTPS application health monitor

Mohammed_M_Irfa
Nimbostratus
Nimbostratus

Hi folks,

 

Need your help to understand the HTTPS application health monitor,

How to capture the packets to view send and receive string?

In tcpdump, i can't see the send and receiving string if we enable the SSL parameters!

Is their any alter options to find the response from server?

 

 

Thanks

Irfan

9 REPLIES 9

Lidev
MVP
MVP

Hi, use cURL command to see the server response :

curl -vk https://yourdomain.com/request

 

Mohammed_M_Irfa
Nimbostratus
Nimbostratus

Hi Lidev,

 

Thanks for instant response but i don't find the receiving string still:)

Can you show me your curl output ? you received an HTTP 200 OK ?

Mohammed_M_Irfa
Nimbostratus
Nimbostratus

[Active:Changes Pending] ~ # curl -vk https://x.x.x.x//index.html

*  Trying x.x.x.x...

* Connected to x.x.x.x (x.x.x.x) port 443 (#0)

* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH

* successfully set certificate verify locations:

*  CAfile: /etc/pki/tls/certs/ca-bundle.crt

 CApath: none

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Request CERT (13):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Certificate (11):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Client hello (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS alert, Server hello (2):

* error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

* Closing connection 0

curl: (35) error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

 

Ok, you have a handshake failure during the SSL Handshake.

Can you try curl -vk -3 https://x.x.x.x//index.html ?

Mohammed_M_Irfa
Nimbostratus
Nimbostratus

Getting same output, as previous:)

Disable SSLv3 protocol on your apache server and retry without -3 😉

https://disablessl3.com/apache.html

Mohammed_M_Irfa
Nimbostratus
Nimbostratus

Server is not under my control, So i can't do any think in server side.

I see, what version of cURL you use ? (curl --version), Support of SSLv3 was disabled by default in 7.39.

We'll try forcing TLS 1.2 : curl -vk ---tlsv1.2 https://x.x.x.x//index.html