This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi Wireshark Experts,

As a new user to Wireshark, I was looking for some guidance on the following set of logs: https://www.cloudshark.org/captures/cc0dbda0007f

In these logs the following error is being thrown which is preventing a user from accessing one our server IPs when using TLS 1.0:

TLS V1 Record Layer: Alert (Level: Fatal, Description: Bad Certificate) Content Type: Alert (21) Version: TLS 1.0 (0x0301) Length: 2 Alert Message: Level: Fatal (2) Description: Bad Certificate (42)

Do the logs themselves give a clear indication of why this may be as I'm at a loss? We've doubled checked the certificates as I'm aware the error relates to: "The certificate was corrupt or contained signatures that could not be correctly verified. This alert can occur if the client certificate was signed by a different CA than the one specified in the SSL profile"

Any assistance would be appreciated.

asked 02 Sep '16, 12:57

IMrob's gravatar image

IMrob
6112
accept rate: 0%


Seems as though not all clients trust the authority of 'DigiCert SHA2 Secure Server CA'. You should check their trust store.

permanent link

answered 02 Sep '16, 15:55

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×18

question asked: 02 Sep '16, 12:57

question was seen: 4,896 times

last updated: 02 Sep '16, 15:55

p​o​w​e​r​e​d by O​S​Q​A