As part of the TLS handshake with client cert authentication, the client sends a "Certificate Verify" message (https://ask.wireshark.org/questions/43671/certificate-verify-message). What I have found from capturing packet dumps with Wireshark on multiple machines (Windows 10, Windows 2012 R2) is that the Certificate Verify message is NEVER sent with TLS1.2. However, if I explicitly set it to TLS1.1 or TLS1.0, the cert verify message is indeed sent and the connection is established. Therefore, I need to know why this message isn't sent with TLS1.2 (at least on newer versions of Windows) and how can I get it to send that? asked 20 May '16, 08:35  Noam Marks |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
