Re: SSL Mutual Authentication

[chima s <chima.s@xxxxxxxxx>]

HI Eric,

the tcpdump shows 2 connection.

Please find the connection dump,

1    0.000000    192.168.78.64    10.250.250.188    TCP    68    14104 > https [SYN] Seq=0 Win=8192 Len=0 MSS=1260 WS=4 SACK_PERM=1
2    0.000151    10.250.250.188    192.168.78.64    TCP    68    https > 14104 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 SACK_PERM=1 WS=128
3    0.261678    192.168.78.64    10.250.250.188    TCP    68    33717 > https [SYN] Seq=0 Win=8192 Len=0 MSS=1260 WS=4 SACK_PERM=1
4    0.261785    10.250.250.188    192.168.78.64    TCP    68    https > 33717 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 SACK_PERM=1 WS=128
5    0.264488    192.168.78.64    10.250.250.188    TCP    62    14104 > https [ACK] Seq=1 Ack=1 Win=66780 Len=0
6    0.265358    192.168.78.64    10.250.250.188    TLSv1    204    Client Hello
7    0.265442    10.250.250.188    192.168.78.64    TCP    56    https > 14104 [ACK] Seq=1 Ack=149 Win=6912 Len=0
8    0.276847    10.250.250.188    192.168.78.64    TLSv1    1316    Server Hello
9    0.276890    10.250.250.188    192.168.78.64    TLSv1    791    Certificate
10    0.527661    192.168.78.64    10.250.250.188    TCP    62    33717 > https [ACK] Seq=1 Ack=1 Win=66780 Len=0
11    0.529070    192.168.78.64    10.250.250.188    TLSv1    204    Client Hello
12    0.529177    10.250.250.188    192.168.78.64    TCP    56    https > 33717 [ACK] Seq=1 Ack=149 Win=6912 Len=0
13    0.538247    10.250.250.188    192.168.78.64    TLSv1    1316    Server Hello
14    0.538277    10.250.250.188    192.168.78.64    TLSv1    791    Certificate
15    0.543441    192.168.78.64    10.250.250.188    TCP    62    14104 > https [ACK] Seq=149 Ack=1996 Win=66780 Len=0
16    0.807656    192.168.78.64    10.250.250.188    TCP    62    33717 > https [ACK] Seq=149 Ack=1996 Win=66780 Len=0
17    2.240939    192.168.78.64    10.250.250.188    TCP    1316    [TCP segment of a reassembled PDU]
18    2.241001    192.168.78.64    10.250.250.188    TLSv1    242    Certificate, Client Key Exchange, Certificate Verify
19    2.241030    10.250.250.188    192.168.78.64    TCP    56    https > 14104 [ACK] Seq=1996 Ack=1595 Win=12416 Len=0
20    2.249191    10.250.250.188    192.168.78.64    TLSv1    1298    New Session Ticket, Change Cipher Spec, Encrypted Handshake Message
21    2.253185    192.168.78.64    10.250.250.188    TCP    1316    [TCP segment of a reassembled PDU]
22    2.253431    192.168.78.64    10.250.250.188    TLSv1    242    Certificate, Client Key Exchange, Certificate Verify
23    2.253462    10.250.250.188    192.168.78.64    TCP    56    https > 33717 [ACK] Seq=1996 Ack=1595 Win=12416 Len=0
24    2.261121    10.250.250.188    192.168.78.64    TLSv1    1298    New Session Ticket, Change Cipher Spec, Encrypted Handshake Message
25    2.515923    192.168.78.64    10.250.250.188    TLSv1    402    Application Data, Application Data
26    2.517877    10.250.250.188    192.168.78.64    TLSv1    626    Application Data, Application Data
27    2.518507    10.250.250.188    192.168.78.64    TCP    56    https > 14104 [FIN, ACK] Seq=3808 Ack=1941 Win=14976 Len=0
28    2.727484    192.168.78.64    10.250.250.188    TCP    62    33717 > https [ACK] Seq=1595 Ack=3238 Win=65536 Len=0
29    2.783812    192.168.78.64    10.250.250.188    TCP    62    14104 > https [ACK] Seq=1941 Ack=3809 Win=66780 Len=0

While calling single URL, why there was 2 connections. This happens when we try to connect from java applications also.

Thanks & Regards
Chima

On Thu, Mar 7, 2013 at 11:16 PM, Eric Covener <covener@xxxxxxxxx> wrote:

On Thu, Mar 7, 2013 at 12:08 PM, chima s <chima.s@xxxxxxxxx> wrote:
> Hi Eric,
>
> Its single connection. Just testing with single browser and calling the
> default SSL home page.

Please be more clear. Does your packet trace show two tcp connections
are made, or one?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx