This is our old Q&A Site. Please post any new questions and answers at

Can anybody explain what "Type 21 error" means in Encryption Alert packages? Any reference to the protocol specs concerning these Alerts would be appreciated.

Example here:

asked 13 Feb '16, 03:39

boiiingg's gravatar image

accept rate: 0%

BTW. If this "type 21" behaviour is according to specs, then different semantics in Wireshark would be an idea?

(13 Feb '16, 04:04) boiiingg

What are you expecting to see? Type 21 is the TLS record type for an Alert Message which is always encrypted.

Unless you have supplied sufficient keying material to allow Wireshark to decrypt the alert, that's all Wireshark can report.

permanent link

answered 14 Feb '16, 10:43

grahamb's gravatar image

grahamb ♦
accept rate: 22%

Thanks for your reply. I was looking for that actually. But where do I extract the keying info? I've got some experience with decrypting SSL streams having webserver keypairs, importing them in Wireshark. But I don't know if there is a way to obtain keying data from the clientside (for i.e. is there a browser-plugin that can export session keys for analysis?)

(15 Feb '16, 00:46) boiiingg

That's a separate Question, but as it has already been asked several times, please don't ask it once more and look through this site for "pre-master key log file export".

(15 Feb '16, 01:15) sindy

Also see the Wiki page on SSL, especially the section on decrypting with a pre-master secret.

(15 Feb '16, 06:17) grahamb ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 13 Feb '16, 03:39

question was seen: 7,107 times

last updated: 15 Feb '16, 06:17

p​o​w​e​r​e​d by O​S​Q​A