Re: SSL3_GET_RECORD:wrong version number
On 12/11/06, Marek Marcola [EMAIL PROTECTED] wrote: It almost seems like the server is accepted SSL3 msgs, but sending out another protocol type. Any suggestions? If you using Linux, can you send ssldump or wireshark dump of this session. Here is an ssldump of s_client connecting to my server. I am getting a Length mismatch error following the client key exchange. In this run, the server ctx is set to receive SSLv23, the ssl on s_client was not specified. Would the Length Mismatch indicate a bad key? Thanks, Chris. New TCP connection #5: localhost.localdomain(41722) - localhost.localdomain(5758) 5 1 0.0025 (0.0025) CSV3.0(84) Handshake ClientHello Version 3.0 random[32]= 45 7d 8b 12 f3 38 eb 69 fe 5c 7d 3e eb b8 02 0d 32 0a ef 70 d8 30 b2 ab 41 e3 47 5a fd 0b 61 80 cipher suites Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f SSL_RSA_WITH_IDEA_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 SSL_DHE_RSA_WITH_DES_CBC_SHA SSL_DHE_DSS_WITH_DES_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA SSL_RSA_EXPORT_WITH_DES40_CBC_SHA SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 SSL_RSA_EXPORT_WITH_RC4_40_MD5 compression methods unknown value NULL 5 2 0.0050 (0.0024) SCV3.0(74) Handshake ServerHello Version 3.0 random[32]= 45 7d 8b 12 f4 42 79 fe bd e5 34 59 e7 02 aa 8e c9 d6 b3 9d c5 23 cd 1e a3 76 de 5d 3f 69 0b a6 session_id[32]= 20 3e 42 dc 97 0b f5 73 ac a0 b5 50 01 e5 1c a9 0f 74 71 06 55 87 9f 55 3d a9 e5 1c d2 a1 13 9a cipherSuite Unknown value 0x35 compressionMethod unknown value 5 3 0.0050 (0.) SCV3.0(889) Handshake Certificate 5 4 0.0050 (0.) SCV3.0(4) Handshake ServerHelloDone 5 5 0.0198 (0.0148) CSV3.0(132) Handshake ClientKeyExchange ERROR: Length mismatch __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: SSL3_GET_RECORD:wrong version number
On 12/11/06, chris busbey [EMAIL PROTECTED] wrote: On 12/11/06, Marek Marcola [EMAIL PROTECTED] wrote: It almost seems like the server is accepted SSL3 msgs, but sending out another protocol type. Any suggestions? If you using Linux, can you send ssldump or wireshark dump of this session. Here is an ssldump of s_client connecting to my server. I am getting a Length mismatch error following the client key exchange. In this run, the server ctx is set to receive SSLv23, the ssl on s_client was not specified. Would the Length Mismatch indicate a bad key? Another trial forcing tls1 on both sides of the connection did not result in the above Length Mismatch error. Here is the output of that trial's ssl dump. Any thoughts? New TCP connection #67: localhost.localdomain(42489) - localhost.localdomain(5758) 67 1 0.0032 (0.0032) CSV3.1(95) Handshake ClientHello Version 3.1 random[32]= 45 7d 8d 96 89 31 b1 d3 cf 44 80 ae 06 eb 1d ac 48 d0 8e bd 96 b5 b8 da c9 cc c0 0c e5 6a ec d7 cipher suites Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f TLS_DHE_DSS_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_RC2_56_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC4_56_SHA TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5 compression methods NULL 67 2 0.0083 (0.0050) SCV3.1(74) Handshake ServerHello Version 3.1 random[32]= 45 7d 8d 96 f6 1e ca 93 7f 6d f7 31 69 33 c9 e2 6e 9e bf 5c d3 e8 fd e3 66 0f 5e 81 8d f9 ab f3 session_id[32]= 36 22 f7 71 b0 84 9e 23 03 0c 1e ac 88 dd 36 67 24 75 08 ea b3 9d de 70 87 56 40 dc 45 fc 33 28 cipherSuite Unknown value 0x35 compressionMethod NULL 67 3 0.0083 (0.) SCV3.1(889) Handshake Certificate 67 4 0.0083 (0.) SCV3.1(4) Handshake ServerHelloDone 67 5 0.0244 (0.0160) CSV3.1(134) Handshake ClientKeyExchange 67 6 0.0657 (0.0413) CSV3.1(1) ChangeCipherSpec 67 7 0.0657 (0.) CSV3.1(48) Handshake 67 8 0.0666 (0.0008) SCV3.1(1) ChangeCipherSpec 67 9 0.0666 (0.) SCV3.1(48) Handshake 67 10 14.4262 (14.3595) CSV3.1(32) application_data Unknown SSL content type 0 67 11 14.4282 (0.0020) CSV44.0(32) Alert 6714.4285 (0.0003) CS TCP RST __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: SSL3_GET_RECORD:wrong version number
Another trial forcing tls1 on both sides of the connection did not result in the above Length Mismatch error. Here is the output of that trial's ssl dump. Any thoughts? New TCP connection #67: localhost.localdomain(42489) - localhost.localdomain(5758) 67 1 0.0032 (0.0032) CSV3.1(95) Handshake ClientHello Version 3.1 random[32]= 45 7d 8d 96 89 31 b1 d3 cf 44 80 ae 06 eb 1d ac 48 d0 8e bd 96 b5 b8 da c9 cc c0 0c e5 6a ec d7 cipher suites Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f TLS_DHE_DSS_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_RC2_56_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC4_56_SHA TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5 compression methods NULL This one did not offer the extra unknown (presumably zlib) compression. Ah, yes. It seems that I was using the s_client 0.9.7a in the last trial regardless, the same wrong version number error was produced when using s_client 0.9.8d. Here is the trial using 0.9.8d. Still getting the unknown SSL content type, followed by alert. New TCP connection #1333: localhost.localdomain(46983) - localhost.localdomain(5758) 1333 1 0.0024 (0.0024) CSV3.1(84) Handshake ClientHello Version 3.1 random[32]= 45 7d 9b e3 b9 fb bb 4d 4b d0 1c d8 51 0b 1c 3e 50 5c 3a cc f9 8b e9 96 b9 0a 7e 6a 22 43 32 b3 cipher suites Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f TLS_RSA_WITH_IDEA_CBC_SHA TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5 compression methods unknown value NULL 1333 2 0.0073 (0.0048) SCV3.1(74) Handshake ServerHello Version 3.1 random[32]= 45 7d 9b e3 24 39 a3 fd e2 24 33 9a 47 31 72 82 ad 34 e0 53 b2 a1 97 4f 45 51 a5 43 66 8e 43 81 session_id[32]= 33 7f 47 05 02 24 a8 10 20 df 51 69 0b 0f 05 3d 06 73 37 0e 77 1a 06 bc 40 65 f8 f7 06 f8 8d d6 cipherSuite Unknown value 0x35 compressionMethod unknown value 1333 3 0.0073 (0.) SCV3.1(889) Handshake Certificate 1333 4 0.0073 (0.) SCV3.1(4) Handshake ServerHelloDone 1333 5 0.0140 (0.0066) CSV3.1(134) Handshake ClientKeyExchange 1333 6 0.0539 (0.0399) CSV3.1(1) ChangeCipherSpec 1333 7 0.0539 (0.) CSV3.1(48) Handshake 1333 8 0.0561 (0.0022) SCV3.1(1) ChangeCipherSpec 1333 9 0.0561 (0.) SCV3.1(48) Handshake 1333 10 3.1262 (3.0700) CSV3.1(32) application_data Unknown SSL content type 0 1333 11 3.1289 (0.0027) CSV44.0(32) Alert 13333.1294 (0.0005) CS TCP RST __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: SSL3_GET_RECORD:wrong version number
On 12/11/06, Marek Marcola [EMAIL PROTECTED] wrote: Can you send ssldump with -aAdN options ? Certainly. (Certificate details have been obfuscated) New TCP connection #8: localhost.localdomain(48429) - localhost.localdomain(5758) 8 1 0.0028 (0.0028) CS SSLv2 compatible client hello Version 3.1 cipher suites Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA SSL2_CK_3DES Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f TLS_RSA_WITH_IDEA_CBC_SHA SSL2_CK_IDEA SSL2_CK_RC2 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 SSL2_CK_RC4 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA SSL2_CK_DES TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 SSL2_CK_RC2_EXPORT40 TLS_RSA_EXPORT_WITH_RC4_40_MD5 SSL2_CK_RC4_EXPORT40 8 2 0.0053 (0.0025) SCV3.1(74) Handshake ServerHello Version 3.1 random[32]= 45 7d a0 8b 4b e8 ae 91 c7 13 a2 53 cd 21 70 02 e6 61 f7 ef 52 12 14 c5 ab 0f 1c b7 59 b3 46 28 session_id[32]= c8 c6 12 12 89 c2 01 42 63 24 db e6 83 5f 98 ac 23 f6 80 92 ec d0 5d d4 23 6a 47 e7 dc b9 21 4b cipherSuite Unknown value 0x35 compressionMethod NULL 8 3 0.0053 (0.) SCV3.1(889) Handshake Certificate Subject C=US ST=Illinois L=Chicago O=Blah CN=BLAH-SRV-BLAH [EMAIL PROTECTED] Issuer C=US ST=Illinois L=Chicago O=Blah CN=BLAH-SRV-BLAH [EMAIL PROTECTED] Serial 00 Extensions Extension: X509v3 Subject Key Identifier Extension: X509v3 Authority Key Identifier Extension: X509v3 Basic Constraints 8 4 0.0053 (0.) SCV3.1(4) Handshake ServerHelloDone 8 5 0.0217 (0.0163) CSV3.1(134) Handshake ClientKeyExchange 8 6 0.0611 (0.0393) CSV3.1(1) ChangeCipherSpec 8 7 0.0611 (0.) CSV3.1(48) Handshake 8 8 0.0615 (0.0004) SCV3.1(1) ChangeCipherSpec 8 9 0.0615 (0.) SCV3.1(48) Handshake __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: SSL3_GET_RECORD:wrong version number
On 12/11/06, Marek Marcola [EMAIL PROTECTED] wrote: This TLS1 looks good, but sorry I've forget xX options, so output from ssldump -aAdNxX should give more information (SSL packet dump) with ending error. Hrm... ssldump fails during the handshake with a 'Length Mismatch error with the xX options. Here is the output; New TCP connection #5: localhost.localdomain(53503) - localhost.localdomain(5758) 5 1 0.0024 (0.0024) CS SSLv2 compatible client hello Version 3.1 cipher suites Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA SSL2_CK_3DES Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f TLS_RSA_WITH_IDEA_CBC_SHA SSL2_CK_IDEA SSL2_CK_RC2 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 SSL2_CK_RC4 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA SSL2_CK_DES TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 SSL2_CK_RC2_EXPORT40 TLS_RSA_EXPORT_WITH_RC4_40_MD5 SSL2_CK_RC4_EXPORT40 Packet data[108]= 80 6a 01 03 01 00 51 00 00 00 10 00 00 39 00 00 38 00 00 35 00 00 16 00 00 13 00 00 0a 07 00 c0 00 00 33 00 00 32 00 00 2f 00 00 07 05 00 80 03 00 80 00 00 05 00 00 04 01 00 80 00 00 15 00 00 12 00 00 09 06 00 40 00 00 14 00 00 11 00 00 08 00 00 06 04 00 80 00 00 03 02 00 80 91 55 24 ce 72 4d 72 01 68 d9 56 6c 86 9c 59 f6 5 2 0.0053 (0.0029) SCV3.1(74) Handshake ServerHello Version 3.1 random[32]= 45 7d b0 b3 87 26 d8 05 b8 27 68 85 01 f5 5e 59 8a 67 d1 ac 3d 94 bc d6 45 c4 f0 42 7a a1 60 ec session_id[32]= 2e ab ad 61 fe 1e 47 6a f2 a2 0f 06 c9 61 23 13 d1 4f 24 e4 5f f3 89 ea 25 8c 90 2d ea b7 fa aa cipherSuite Unknown value 0x35 compressionMethod NULL Packet data[79]= 16 03 01 00 4a 02 00 00 46 03 01 45 7d b0 b3 87 26 d8 05 b8 27 68 85 01 f5 5e 59 8a 67 d1 ac 3d 94 bc d6 45 c4 f0 42 7a a1 60 ec 20 2e ab ad 61 fe 1e 47 6a f2 a2 0f 06 c9 61 23 13 d1 4f 24 e4 5f f3 89 ea 25 8c 90 2d ea b7 fa aa 00 35 00 5 3 0.0053 (0.) SCV3.1(889) Handshake Certificate Subject C=US ST=Illinois L=Chicago O=Blah CN=BLAH-SRV-BLAH [EMAIL PROTECTED] Issuer C=US ST=Illinois L=Chicago O=Blah CN=BLAH-SRV-BLAH [EMAIL PROTECTED] Serial 00 Extensions Extension: X509v3 Subject Key Identifier Extension: X509v3 Authority Key Identifier Extension: X509v3 Basic Constraints Packet data[894]= 16 03 01 03 79 0b 00 03 75 00 03 72 00 03 6f 30 82 03 6b 30 82 02 d4 a0 03 02 01 02 02 01 00 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 86 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 08 13 08 49 6c 6c 69 6e 6f 69 73 31 10 30 0e 06 03 55 04 07 13 07 43 68 69 63 61 67 6f 31 12 30 10 06 03 55 04 0a 13 09 43 6f 6e 6e 61 6d 61 72 61 31 18 30 16 06 03 55 04 03 13 0f 43 48 49 2d 53 52 56 2d 4f 50 50 44 45 56 31 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09 01 16 15 63 62 75 73 62 65 79 40 63 6f 6e 6e 61 6d 61 72 61 2e 63 6f 6d 30 1e 17 0d 30 36 31 32 30 34 32 33 30 32 35 33 5a 17 0d 30 39 30 38 33 30 32 33 30 32 35 33 5a 30 81 86 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 08 13 08 49 6c 6c 69 6e 6f 69 73 31 10 30 0e 06 03 55 04 07 13 07 43 68 69 63 61 67 6f 31 12 30 10 06 03 55 04 0a 13 09 43 6f 6e 6e 61 6d 61 72 61 31 18 30 16 06 03 55 04 03 13 0f 43 48 49 2d 53 52 56 2d 4f 50 50 44 45 56 31 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09 01 16 15 63 62 75 73 62 65 79 40 63 6f 6e 6e 61 6d 61 72 61 2e 63 6f 6d 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 a1 17 50 53 10 ef 67 24 62 b5 6a 76 9d dd c5 32 61 9d 9d b4 59 43 a2 a8 9a 72 11 7d c0 36 4d 9f 1e ae 25 30 01 97 3d 90 54 bd b1 1a 3e 65 ec 3f 56 1b 79 39 03 57 08 74 29 6f 0b 19 e1 ca 5d 3b 8e 25 de 54 28 15 d0 f0 8c c2 0f 41 5a db ba e8 67 8a e1 af 93 0f f9 11 d4 8f e7 6c 6a 2a d9 8d 1f 9a df 46 0b 61 3b 17 75 00 08 fd 5d f5 b8 57 00 90 4d 83 25 bf 47 22 ab b2 d7 0e 83 9a 28 c3 02 03 01 00 01 a3 81 e6 30 81 e3 30 1d 06 03 55 1d 0e 04 16 04 14 23 cf 32 38 42 52 75 4f 8f 4d ae d5 05 b5 68 76 30 a0 18 01 30 81 b3 06 03 55 1d 23 04 81 ab 30 81 a8 80 14 23 cf 32 38 42 52 75 4f 8f 4d ae d5 05 b5 68 76 30 a0 18 01 a1 81 8c a4 81 89 30 81 86 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 08 13 08 49 6c 6c 69 6e 6f 69 73 31 10 30 0e 06 03 55 04 07 13 07 43 68 69 63 61 67 6f 31 12 30 10 06 03 55 04 0a 13 09 43 6f 6e 6e 61 6d 61 72 61 31 18 30 16 06 03 55 04 03 13 0f 43 48 49 2d 53 52 56 2d 4f 50 50 44 45 56 31 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09 01 16 15 63 62 75 73 62 65 79 40 63 6f 6e 6e 61 6d
Re: SSL3_GET_RECORD:wrong version number
A quick update on this issue. After digging through some untouched code, I discovered that the server was writing data directly to the port instead of the SSL_SOCK_Stream. Problem solved. Thanks for all of your help. On 12/11/06, Marek Marcola [EMAIL PROTECTED] wrote: Hello, Hrm... ssldump fails during the handshake with a 'Length Mismatch error with the xX options. Here is the output; New TCP connection #5: localhost.localdomain(53503) - localhost.localdomain(5758) 5 1 0.0024 (0.0024) CS SSLv2 compatible client hello Version 3.1 cipher suites Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA SSL2_CK_3DES Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f TLS_RSA_WITH_IDEA_CBC_SHA SSL2_CK_IDEA SSL2_CK_RC2 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_RC4_128_MD5 SSL2_CK_RC4 TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA SSL2_CK_DES TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 SSL2_CK_RC2_EXPORT40 TLS_RSA_EXPORT_WITH_RC4_40_MD5 SSL2_CK_RC4_EXPORT40 Packet data[108]= 80 6a 01 03 01 00 51 00 00 00 10 00 00 39 00 00 38 00 00 35 00 00 16 00 00 13 00 00 0a 07 00 c0 00 00 33 00 00 32 00 00 2f 00 00 07 05 00 80 03 00 80 00 00 05 00 00 04 01 00 80 00 00 15 00 00 12 00 00 09 06 00 40 00 00 14 00 00 11 00 00 08 00 00 06 04 00 80 00 00 03 02 00 80 91 55 24 ce 72 4d 72 01 68 d9 56 6c 86 9c 59 f6 5 2 0.0053 (0.0029) SCV3.1(74) Handshake ServerHello Version 3.1 random[32]= 45 7d b0 b3 87 26 d8 05 b8 27 68 85 01 f5 5e 59 8a 67 d1 ac 3d 94 bc d6 45 c4 f0 42 7a a1 60 ec session_id[32]= 2e ab ad 61 fe 1e 47 6a f2 a2 0f 06 c9 61 23 13 d1 4f 24 e4 5f f3 89 ea 25 8c 90 2d ea b7 fa aa cipherSuite Unknown value 0x35 compressionMethod NULL Packet data[79]= 16 03 01 00 4a 02 00 00 46 03 01 45 7d b0 b3 87 26 d8 05 b8 27 68 85 01 f5 5e 59 8a 67 d1 ac 3d 94 bc d6 45 c4 f0 42 7a a1 60 ec 20 2e ab ad 61 fe 1e 47 6a f2 a2 0f 06 c9 61 23 13 d1 4f 24 e4 5f f3 89 ea 25 8c 90 2d ea b7 fa aa 00 35 00 5 3 0.0053 (0.) SCV3.1(889) Handshake Certificate Subject C=US ST=Illinois L=Chicago O=Blah CN=BLAH-SRV-BLAH [EMAIL PROTECTED] Issuer C=US ST=Illinois L=Chicago O=Blah CN=BLAH-SRV-BLAH [EMAIL PROTECTED] Serial 00 Extensions Extension: X509v3 Subject Key Identifier Extension: X509v3 Authority Key Identifier Extension: X509v3 Basic Constraints Packet data[894]= 16 03 01 03 79 0b 00 03 75 00 03 72 00 03 6f 30 82 03 6b 30 82 02 d4 a0 03 02 01 02 02 01 00 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 86 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 08 13 08 49 6c 6c 69 6e 6f 69 73 31 10 30 0e 06 03 55 04 07 13 07 43 68 69 63 61 67 6f 31 12 30 10 06 03 55 04 0a 13 09 43 6f 6e 6e 61 6d 61 72 61 31 18 30 16 06 03 55 04 03 13 0f 43 48 49 2d 53 52 56 2d 4f 50 50 44 45 56 31 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09 01 16 15 63 62 75 73 62 65 79 40 63 6f 6e 6e 61 6d 61 72 61 2e 63 6f 6d 30 1e 17 0d 30 36 31 32 30 34 32 33 30 32 35 33 5a 17 0d 30 39 30 38 33 30 32 33 30 32 35 33 5a 30 81 86 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 08 13 08 49 6c 6c 69 6e 6f 69 73 31 10 30 0e 06 03 55 04 07 13 07 43 68 69 63 61 67 6f 31 12 30 10 06 03 55 04 0a 13 09 43 6f 6e 6e 61 6d 61 72 61 31 18 30 16 06 03 55 04 03 13 0f 43 48 49 2d 53 52 56 2d 4f 50 50 44 45 56 31 31 24 30 22 06 09 2a 86 48 86 f7 0d 01 09 01 16 15 63 62 75 73 62 65 79 40 63 6f 6e 6e 61 6d 61 72 61 2e 63 6f 6d 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 a1 17 50 53 10 ef 67 24 62 b5 6a 76 9d dd c5 32 61 9d 9d b4 59 43 a2 a8 9a 72 11 7d c0 36 4d 9f 1e ae 25 30 01 97 3d 90 54 bd b1 1a 3e 65 ec 3f 56 1b 79 39 03 57 08 74 29 6f 0b 19 e1 ca 5d 3b 8e 25 de 54 28 15 d0 f0 8c c2 0f 41 5a db ba e8 67 8a e1 af 93 0f f9 11 d4 8f e7 6c 6a 2a d9 8d 1f 9a df 46 0b 61 3b 17 75 00 08 fd 5d f5 b8 57 00 90 4d 83 25 bf 47 22 ab b2 d7 0e 83 9a 28 c3 02 03 01 00 01 a3 81 e6 30 81 e3 30 1d 06 03 55 1d 0e 04 16 04 14 23 cf 32 38 42 52 75 4f 8f 4d ae d5 05 b5 68 76 30 a0 18 01 30 81 b3 06 03 55 1d 23 04 81 ab 30 81 a8 80 14 23 cf 32 38 42 52 75 4f 8f 4d ae d5 05 b5 68 76 30 a0 18 01 a1 81 8c a4 81 89 30 81 86 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 08 13 08 49 6c 6c 69