We have an encrypted IIS web server -> IIS app server trace. Encryption is not two-way, so the cert comes only from the app server side.

In order to decrypt the trace, I have to add the pre-go_live cert (for "myURL-temp.company.com") to my SSL preferences first, then add in the post-go_live cert (myURL.company.com). Then I can decrypt the traffic. Reverse that sequence of certs, and no joy.

"Client Hello" calls the pre-go_live URL: myURL-temp.company.com. However, the server certificate exchanged is the post-go_live cert for "MyURL.company.com", as expected.

Why in the world do I have to include the pre-go_live cert in the preferences? It's not showing up anywhere I can see in the cert exchange. Does IIS somehow use both certs to do the encryption? (I'm a Unix guy - you could put in a teaspoon what I know about IIS.)

asked 21 Feb '14, 09:16 chavid