Re: What does this error mean? sslv3 alert certificate unknown:state 23

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On Apr 24, 2017, at 7:11 PM, Blumenthal, Uri - 0553 - MITLL <uri@xxxxxxxxxx> wrote:
> 
>    Please report tshark output, not an approximate rendition.  In what direction
>    is the alert sent?
> 
> I’m using WireShark. The IP addresses on the Alert packet show local host as the source, and the proxy as the destination. Is there another way to tell the direction? Or how to present it in a way that I can sanitize the output and post here?

I get slightly annoyed when I take the time to help, but my response is
skimmed over and not read carefully.  Upthread I said:

See my recent post: https://www.spinics.net/lists/openssl-users/msg05623.html
for instructions on how to extract SSL info from PCAP files in a way that
mostly trims away endpoint details... (of course SNI names and cert names
would still be there, so you'd need to trim those if you want to anonymize
the guilty parties).

Install tshark somewhere, and use it to decode the PCAP file.  Then post
the results.

If the alert is from the application to the proxy, then most likely the
application does not trust the proxy MiTM root CA.

-- 
	Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux