This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

As part of the TLS handshake with client cert authentication, the client sends a "Certificate Verify" message (https://ask.wireshark.org/questions/43671/certificate-verify-message).

What I have found from capturing packet dumps with Wireshark on multiple machines (Windows 10, Windows 2012 R2) is that the Certificate Verify message is NEVER sent with TLS1.2.

However, if I explicitly set it to TLS1.1 or TLS1.0, the cert verify message is indeed sent and the connection is established.

Therefore, I need to know why this message isn't sent with TLS1.2 (at least on newer versions of Windows) and how can I get it to send that?

asked 20 May '16, 08:35

Noam%20Marks's gravatar image

Noam Marks
1111
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×319
×254
×75
×44

question asked: 20 May '16, 08:35

question was seen: 1,777 times

last updated: 20 May '16, 08:35

p​o​w​e​r​e​d by O​S​Q​A