This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

HTTP gzip decompression failed (NOT out-of-order)

0

As I was experimenting with wireshark and SSL decryption, I ran into a reproducible error.

The SSL server sends back an HTML page and wireshark fails to decrypt:

I get a frame HTTP/1.1 200 OK, inside of which:

Content-encoded entity body (gzip): 77775 bytes [Error: Decompression failed]

I had a similar "Decompression failed" problem before with another server having to do with out-of-order frames, but in this capture everything is in-order.

I was able to reproduce this failure twice by going to
https://www.chase.com
Then scroll down to the bottom and click Site Map.
You will get a properly decrypted main page, but not the "site map" page.

Here is the relevant captures with SSL keys
http://cloudshark.org/captures/0b3b37e94edb

SSL keys:
http://pastebin.com/69V33BE2

Frame 1760 is where the failure happens.

Any suggestions on how to solve the failure?

asked 05 Aug '13, 09:19

dansmith's gravatar image

dansmith
16448
accept rate: 50%