Hi All, I found 2 “Change Cipher Spec”, only when i am using the "Location" tag. I am using "Location" tag as i don't want SSL Mutual authentication for all the URLs. Why i am getting 2 “Change Cipher Spec” when i am using "Location" tag. Regards Chima On Mon, Mar 11, 2013 at 2:45 PM, chima s <chima.s@xxxxxxxxx> wrote: > Hi > > We are using apache as reverse proxy and backend as tomact. > > In Apache we are terminating the SSL connection and also enabled the > client authentication. > > We are using soapui to test the connectivity and wireshark to check > the SSL handshake. > > Below is wireshark flow dump. I noticed 2 “Change Cipher Spec” > messages (2903 and 2999). Why there is 2 “Change Cipher Spec” and is > this normal ? > > No. Time Source Destination > Protocol Length Info > 2811 3.440639 172.168.78.64 10.250.250.188 TCP > 74 36556 > https [SYN, ECN, CWR] Seq=0 Win=5840 Len=0 MSS=1460 > SACK_PERM=1 TSval=3497146518 TSecr=0 WS=256 > 2843 3.457441 10.250.250.188 172.168.78.64 TCP > 74 https > 36556 [SYN, ACK, ECN] Seq=0 Ack=1 Win=5792 Len=0 > MSS=1380 SACK_PERM=1 TSval=2174348895 TSecr=3497146518 WS=128 > 2844 3.457459 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [ACK] Seq=1 Ack=1 Win=5888 Len=0 > TSval=3497146522 TSecr=2174348895 > 2845 3.457683 172.168.78.64 10.250.250.188 TLSv1 > 173 Client Hello > 2865 3.473604 10.250.250.188 172.168.78.64 TCP > 66 https > 36556 [ACK] Seq=1 Ack=108 Win=5888 Len=0 > TSval=2174348912 TSecr=3497146522 > 2888 3.482350 10.250.250.188 172.168.78.64 TLSv1 > 1434 Server Hello > 2889 3.482356 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [ACK] Seq=108 Ack=1369 Win=8960 Len=0 > TSval=3497146528 TSecr=2174348920 > 2890 3.482359 10.250.250.188 172.168.78.64 TCP > 1434 [TCP segment of a reassembled PDU] > 2891 3.482363 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [ACK] Seq=108 Ack=2737 Win=11776 Len=0 > TSval=3497146528 TSecr=2174348920 > 2892 3.482366 10.250.250.188 172.168.78.64 TLSv1 > 1426 Certificate > 2893 3.482371 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [ACK] Seq=108 Ack=4097 Win=14592 Len=0 > TSval=3497146528 TSecr=2174348920 > 2898 3.509659 10.250.250.188 172.168.78.64 TLSv1 > 465 Server Key Exchange > 2899 3.509666 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [ACK] Seq=108 Ack=4496 Win=17152 Len=0 > TSval=3497146535 TSecr=2174348937 > 2900 3.517916 172.168.78.64 10.250.250.188 TLSv1 > 264 Client Key Exchange, Change Cipher Spec, Encrypted Handshake > Message > 2903 3.541547 10.250.250.188 172.168.78.64 TLSv1 > 125 Change Cipher Spec, Encrypted Handshake Message > 2904 3.541700 172.168.78.64 10.250.250.188 TLSv1 > 375 Application Data > 2905 3.541777 172.168.78.64 10.250.250.188 TLSv1 > 343 Application Data > 2939 3.562193 10.250.250.188 172.168.78.64 TCP > 66 https > 36556 [ACK] Seq=4555 Ack=892 Win=9088 Len=0 > TSval=2174349001 TSecr=3497146543 > 2940 3.562846 10.250.250.188 172.168.78.64 TLSv1 > 103 Encrypted Handshake Message > 2941 3.562945 172.168.78.64 10.250.250.188 TLSv1 > 183 Encrypted Handshake Message > 2955 3.587402 10.250.250.188 172.168.78.64 TLSv1 > 1434 Encrypted Handshake Message > 2956 3.587919 10.250.250.188 172.168.78.64 TLSv1 > 1434 Encrypted Handshake Message > 2957 3.587928 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [ACK] Seq=1009 Ack=7328 Win=23040 Len=0 > TSval=3497146554 TSecr=2174349026 > 2958 3.587932 10.250.250.188 172.168.78.64 TLSv1 > 582 Encrypted Handshake Message > 2963 3.597538 172.168.78.64 10.250.250.188 TLSv1 > 1434 Encrypted Handshake Message > 2964 3.597543 172.168.78.64 10.250.250.188 TLSv1 > 371 Encrypted Handshake Message > 2983 3.613528 10.250.250.188 172.168.78.64 TCP > 66 https > 36556 [ACK] Seq=7844 Ack=2682 Win=14720 Len=0 > TSval=2174349052 TSecr=3497146557 > 2999 3.620452 10.250.250.188 172.168.78.64 TLSv1 > 156 Change Cipher Spec, Encrypted Handshake Message > 3001 3.637337 10.250.250.188 172.168.78.64 TLSv1 > 609 Application Data, Application Data, Application Data > 3002 3.637472 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [ACK] Seq=2682 Ack=8477 Win=28416 Len=0 > TSval=3497146567 TSecr=2174349059 > 3003 3.640371 10.250.250.188 172.168.78.64 TLSv1 > 103 Application Data > 3106 3.676451 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [ACK] Seq=2682 Ack=8514 Win=28416 Len=0 > TSval=3497146577 TSecr=2174349079 > 7214 8.646676 10.250.250.188 172.168.78.64 TCP > 66 https > 36556 [FIN, ACK] Seq=8514 Ack=2682 Win=14720 Len=0 > TSval=2174354085 TSecr=3497146577 > 7215 8.646809 172.168.78.64 10.250.250.188 TLSv1 > 103 Encrypted Alert > 7216 8.646853 172.168.78.64 10.250.250.188 TCP > 66 36556 > https [FIN, ACK] Seq=2719 Ack=8515 Win=28416 Len=0 > TSval=3497147819 TSecr=2174354085 > 7261 8.661712 10.250.250.188 172.168.78.64 TCP > 66 https > 36556 [ACK] Seq=8515 Ack=2720 Win=14720 Len=0 > TSval=2174354101 TSecr=3497147819 > > > Regards > Chima --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|