This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi,

I have the following capture of an SSL V2.0 connection. https://onedrive.live.com/redir?resid=EB9C351AD3F72D5%21103

The packet capture was taken on proxy server the client returns Alert Level:Fatal, Description Bad Certificate. Can anybody explain to me why, looking at the capture file. Can this be because the CA's are not trusted on the client?

asked 29 Jul '14, 07:29

Herbaliser's gravatar image

Herbaliser
11223
accept rate: 0%


Frame #4: The client sends a CONNECT to the proxy, requesting a TCP connection on port 443 to the IP address 193.194.158.88, see also the Host header:

host: 193.194.158.88

Frame #15: The proxy sends the cert of the target server. The subject of the cert is: *.custo.bvdep.com

Result: The client complains about an invalid cert due to the mismatch between the subject of the cert (*.custo.bvdep.com) and the Host it was contacting: 193.194.158.88

There could have been a second reason, which I cannot check, as there is no information about that in the capture file (the capture was taken on the proxy - so the timestamp does not help):

The clients date/time could be outside of the validity range of the cert, which would trigger the client to complain about an invalid cert as well.

So, looks 'normal' to me.

Regards Kurt

permanent link

answered 30 Jul '14, 01:47

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×319
×18
×9

question asked: 29 Jul '14, 07:29

question was seen: 7,962 times

last updated: 30 Jul '14, 01:47

p​o​w​e​r​e​d by O​S​Q​A