If you change the ssl config per location, there is an ssl renegotiation.
Hi All,
I found 2 “Change Cipher Spec” messages only when I am using the "Location"
tag. I am using the "Location" tag as I don't want SSL mutual
authentication for all the URLs.
Why am I getting 2 “Change Cipher Spec” messages when I am using the "Location" tag?
Regards
Chima
On Mon, Mar 11, 2013 at 2:45 PM, chima s <chima.s@xxxxxxxxx> wrote:
> Hi
>
> We are using Apache as a reverse proxy and Tomcat as the backend.
>
> In Apache we are terminating the SSL connection and also enabled the
> client authentication.
>
> We are using SoapUI to test the connectivity and Wireshark to check
> the SSL handshake.
>
> Below is the Wireshark flow dump. I noticed 2 “Change Cipher Spec”
> messages (2903 and 2999). Why are there 2 “Change Cipher Spec” messages, and is
> this normal?
>
> No. Time Source Destination
> Protocol Length Info
> 2811 3.440639 172.168.78.64 10.250.250.188 TCP
> 74 36556 > https [SYN, ECN, CWR] Seq=0 Win=5840 Len=0 MSS=1460
> SACK_PERM=1 TSval=3497146518 TSecr=0 WS=256
> 2843 3.457441 10.250.250.188 172.168.78.64 TCP
> 74 https > 36556 [SYN, ACK, ECN] Seq=0 Ack=1 Win=5792 Len=0
> MSS=1380 SACK_PERM=1 TSval=2174348895 TSecr=3497146518 WS=128
> 2844 3.457459 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [ACK] Seq=1 Ack=1 Win=5888 Len=0
> TSval=3497146522 TSecr=2174348895
> 2845 3.457683 172.168.78.64 10.250.250.188 TLSv1
> 173 Client Hello
> 2865 3.473604 10.250.250.188 172.168.78.64 TCP
> 66 https > 36556 [ACK] Seq=1 Ack=108 Win=5888 Len=0
> TSval=2174348912 TSecr=3497146522
> 2888 3.482350 10.250.250.188 172.168.78.64 TLSv1
> 1434 Server Hello
> 2889 3.482356 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [ACK] Seq=108 Ack=1369 Win=8960 Len=0
> TSval=3497146528 TSecr=2174348920
> 2890 3.482359 10.250.250.188 172.168.78.64 TCP
> 1434 [TCP segment of a reassembled PDU]
> 2891 3.482363 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [ACK] Seq=108 Ack=2737 Win=11776 Len=0
> TSval=3497146528 TSecr=2174348920
> 2892 3.482366 10.250.250.188 172.168.78.64 TLSv1
> 1426 Certificate
> 2893 3.482371 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [ACK] Seq=108 Ack=4097 Win=14592 Len=0
> TSval=3497146528 TSecr=2174348920
> 2898 3.509659 10.250.250.188 172.168.78.64 TLSv1
> 465 Server Key Exchange
> 2899 3.509666 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [ACK] Seq=108 Ack=4496 Win=17152 Len=0
> TSval=3497146535 TSecr=2174348937
> 2900 3.517916 172.168.78.64 10.250.250.188 TLSv1
> 264 Client Key Exchange, Change Cipher Spec, Encrypted Handshake
> Message
> 2903 3.541547 10.250.250.188 172.168.78.64 TLSv1
> 125 Change Cipher Spec, Encrypted Handshake Message
> 2904 3.541700 172.168.78.64 10.250.250.188 TLSv1
> 375 Application Data
> 2905 3.541777 172.168.78.64 10.250.250.188 TLSv1
> 343 Application Data
> 2939 3.562193 10.250.250.188 172.168.78.64 TCP
> 66 https > 36556 [ACK] Seq=4555 Ack=892 Win=9088 Len=0
> TSval=2174349001 TSecr=3497146543
> 2940 3.562846 10.250.250.188 172.168.78.64 TLSv1
> 103 Encrypted Handshake Message
> 2941 3.562945 172.168.78.64 10.250.250.188 TLSv1
> 183 Encrypted Handshake Message
> 2955 3.587402 10.250.250.188 172.168.78.64 TLSv1
> 1434 Encrypted Handshake Message
> 2956 3.587919 10.250.250.188 172.168.78.64 TLSv1
> 1434 Encrypted Handshake Message
> 2957 3.587928 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [ACK] Seq=1009 Ack=7328 Win=23040 Len=0
> TSval=3497146554 TSecr=2174349026
> 2958 3.587932 10.250.250.188 172.168.78.64 TLSv1
> 582 Encrypted Handshake Message
> 2963 3.597538 172.168.78.64 10.250.250.188 TLSv1
> 1434 Encrypted Handshake Message
> 2964 3.597543 172.168.78.64 10.250.250.188 TLSv1
> 371 Encrypted Handshake Message
> 2983 3.613528 10.250.250.188 172.168.78.64 TCP
> 66 https > 36556 [ACK] Seq=7844 Ack=2682 Win=14720 Len=0
> TSval=2174349052 TSecr=3497146557
> 2999 3.620452 10.250.250.188 172.168.78.64 TLSv1
> 156 Change Cipher Spec, Encrypted Handshake Message
> 3001 3.637337 10.250.250.188 172.168.78.64 TLSv1
> 609 Application Data, Application Data, Application Data
> 3002 3.637472 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [ACK] Seq=2682 Ack=8477 Win=28416 Len=0
> TSval=3497146567 TSecr=2174349059
> 3003 3.640371 10.250.250.188 172.168.78.64 TLSv1
> 103 Application Data
> 3106 3.676451 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [ACK] Seq=2682 Ack=8514 Win=28416 Len=0
> TSval=3497146577 TSecr=2174349079
> 7214 8.646676 10.250.250.188 172.168.78.64 TCP
> 66 https > 36556 [FIN, ACK] Seq=8514 Ack=2682 Win=14720 Len=0
> TSval=2174354085 TSecr=3497146577
> 7215 8.646809 172.168.78.64 10.250.250.188 TLSv1
> 103 Encrypted Alert
> 7216 8.646853 172.168.78.64 10.250.250.188 TCP
> 66 36556 > https [FIN, ACK] Seq=2719 Ack=8515 Win=28416 Len=0
> TSval=3497147819 TSecr=2174354085
> 7261 8.661712 10.250.250.188 172.168.78.64 TCP
> 66 https > 36556 [ACK] Seq=8515 Ack=2720 Win=14720 Len=0
> TSval=2174354101 TSecr=3497147819
>
>
> Regards
> Chima
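
The renegotiation named in the reply can be confirmed from a capture like the one quoted above: a second handshake begins after Application Data has already flowed on the connection. The following is an added example, not part of the original thread; the function name, the one-row-per-frame input format and keying a connection by its IP pair are assumptions, and the sample rows are re-joined from frames in the quoted dump.

```python
import re
from collections import defaultdict

# Re-joined from frames in the capture quoted above (TLS rows plus one TCP row).
SAMPLE = """\
2845 3.457683 172.168.78.64 10.250.250.188 TLSv1 173 Client Hello
2888 3.482350 10.250.250.188 172.168.78.64 TLSv1 1434 Server Hello
2889 3.482356 172.168.78.64 10.250.250.188 TCP 66 36556 > https [ACK] Seq=108 Ack=1369
2900 3.517916 172.168.78.64 10.250.250.188 TLSv1 264 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
2903 3.541547 10.250.250.188 172.168.78.64 TLSv1 125 Change Cipher Spec, Encrypted Handshake Message
2904 3.541700 172.168.78.64 10.250.250.188 TLSv1 375 Application Data
2940 3.562846 10.250.250.188 172.168.78.64 TLSv1 103 Encrypted Handshake Message
2941 3.562945 172.168.78.64 10.250.250.188 TLSv1 183 Encrypted Handshake Message
2999 3.620452 10.250.250.188 172.168.78.64 TLSv1 156 Change Cipher Spec, Encrypted Handshake Message
3001 3.637337 10.250.250.188 172.168.78.64 TLSv1 609 Application Data, Application Data, Application Data
"""

# frame, time, source, destination, TLS/SSL protocol, length, Info column
ROW = re.compile(r"^\s*(\d+)\s+[\d.]+\s+(\S+)\s+(\S+)\s+(?:TLS|SSL)\S*\s+\d+\s+(.*)$")
HANDSHAKE = ("Hello", "Handshake", "Key Exchange", "Change Cipher Spec")


def find_renegotiations(summary):
    """Return one record per handshake that starts after Application Data."""
    # Assumption: one connection per IP pair (TLS summary rows carry no ports).
    conns = defaultdict(lambda: {"app_data": False, "current": None})
    found = []
    for line in summary.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # plain TCP rows carry no TLS record type
        frame, src, dst, info = int(m.group(1)), m.group(2), m.group(3), m.group(4)
        conn = conns[frozenset((src, dst))]
        if any(k in info for k in HANDSHAKE):
            if conn["app_data"] and conn["current"] is None:
                # Handshake traffic after data was exchanged: a renegotiation.
                conn["current"] = {"start_frame": frame, "initiator": src,
                                   "ccs_frame": None}
                found.append(conn["current"])
            if conn["current"] and "Change Cipher Spec" in info:
                conn["current"]["ccs_frame"] = frame
        elif "Application Data" in info:
            conn["app_data"] = True
            conn["current"] = None  # data is flowing again: handshake is over
    return found


if __name__ == "__main__":
    for record in find_renegotiations(SAMPLE):
        print(record)
```

On the sample, the second handshake starts with a record sent from the server side after the client's first Application Data, and its Change Cipher Spec is the second one the original poster counted.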