troubleshooting Question

when are the certificates exchanged in a TLS session

Avatar of Rohit Bajaj
Rohit BajajFlag for India asked on
NetworkingNetworking ProtocolsNetwork Analysis
1 Comment1 Solution1020 ViewsLast Modified:
HI,
I have the following TLS capture in wireshark , This contains Change cipher spec, server hello, ...
But doesnt contain certificate entry. Also i dont see any certificate in the wireshark capture.
Is it possible that the server didnt sent any certificate ?
How do i find out the entry where server sent the certificate in the wireshark capture ?

Frame 60: 222 bytes on wire (1776 bits), 222 bytes captured (1776 bits) on interface 0
Ethernet II, Src: Procurve_a0:c7:80 (c0:91:34:a0:c7:80), Dst: Apple_f3:ac:2a (24:a0:74:f3:ac:2a)
Internet Protocol Version 4, Src: 52.84.105.126, Dst: 172.16.44.155
Transmission Control Protocol, Src Port: 443, Dst Port: 55760, Seq: 1, Ack: 518, Len: 156
Secure Sockets Layer
    TLSv1.2 Record Layer: Handshake Protocol: Server Hello
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 100
        Handshake Protocol: Server Hello
            Handshake Type: Server Hello (2)
            Length: 96
            Version: TLS 1.2 (0x0303)
            Random
                GMT Unix Time: Dec 19, 1984 05:08:32.000000000 IST
                Random Bytes: 067f9f079aca9da31cdecec70c54428376a38194d9134f2a...
            Session ID Length: 32
            Session ID: 87bfb9dc500ea382098ff6c23756e43c13d25f302d3a311e...
            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
            Compression Method: null (0)
            Extensions Length: 24
            Extension: renegotiation_info
                Type: renegotiation_info (0xff01)
                Length: 1
                Renegotiation Info extension
                    Renegotiation info extension length: 0
            Extension: status_request
                Type: status_request (0x0005)
                Length: 0
            Extension: Application Layer Protocol Negotiation
                Type: Application Layer Protocol Negotiation (0x0010)
                Length: 11
                ALPN Extension Length: 9
                ALPN Protocol
                    ALPN string length: 8
                    ALPN Next Protocol: http/1.1
    TLSv1.2 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: TLS 1.2 (0x0303)
        Length: 1
        Change Cipher Spec Message
            [Expert Info (Note/Sequence): This session reuses previously negotiated keys (Session resumption)]
                [This session reuses previously negotiated keys (Session resumption)]
                [Severity level: Note]
                [Group: Sequence]
    TLSv1.2 Record Layer: Handshake Protocol: Encrypted Handshake Message
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 40
        Handshake Protocol: Encrypted Handshake Message

Thanks
ASKER CERTIFIED SOLUTION
Dirk Kotte
SE

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 1 Comment.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros