Tengo un problema con una comunicación de máquina a máquina en la que, para mí, parece que nuestro servidor cuelga el TCP durante el protocolo de enlace, pero no entiendo por qué. Hemos estado funcionando durante varios meses en la misma configuración de certificados, etc. Nuestro cliente supuestamente solo ha cambiado el requisito de no admitir SSLv2. Pero eso no es un problema para nuestro servidor.
¿Hay alguien que tenga alguna idea de lo que está pasando? ¿Hay alguna información que desee que yo proporcione?
A continuación se muestra la conversación TCP tomada de Network Monitor:
server client TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
client server TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
client server TLS:TLS Rec Layer-1 HandShake: Client Hello.
server client TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
server client TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
client server TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
client server TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
client server TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
client server TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
server client TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
EDIT: 2014.11.12 - Se agregaron más detalles
A continuación, he incluido información detallada de los protocolos TCP y TLS para cada fotograma a continuación.
Y para proporcionar más información, esta solución son aplicaciones de integración que se comunican con SOAP sobre TLS. Todo esto ha funcionado bien hasta que se realizaron varias actualizaciones en el lado del cliente. Exactamente de lo que no he podido obtener información completa, este es un lado del cliente del gobierno ... Pero cada solicitud de SOAP de su lado termina ahora antes de que se realice el saludo de TLS, de la manera exacta cada vez. No tengo la posibilidad de probar diferentes configuraciones de servidor / cliente para este problema como se sugiere.
36962 18:15:51 09.12.2014 2914.4460297 (0) Server IP Client IP TCP TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
- Tcp: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
SrcPort: HTTPS(443)
DstPort: 42262
SequenceNumber: 1989100423 (0x768F4387)
AcknowledgementNumber: 2540094201 (0x9766C2F9)
- DataOffset: 160 (0xA0)
DataOffset: (1010....) 40 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: .E.A..S.
CWR: (0.......) CWR not significant
ECE: (.1......) ECN-Echo significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......1.) Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 8192 ( Negotiated scale factor 0x8 ) = 8192
Checksum: 0xEDDA, Bad
UrgentPointer: 0 (0x0)
- TCPOptions:
- MaxSegmentSize: 1
type: Maximum Segment Size. 2(0x2)
OptionLength: 4 (0x4)
MaxSegmentSize: 1460 (0x5B4)
- NoOption:
type: No operation. 1(0x1)
- WindowsScaleFactor: ShiftCount: 8
type: Window scale factor. 3(0x3)
Length: 3 (0x3)
ShiftCount: 8 (0x8)
- SACKPermitted:
type: SACK permitted. 4(0x4)
OptionLength: 2 (0x2)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 1421864 (0x15B228)
TimestampEchoReply: 86050255 (0x52105CF)
36963 18:15:51 09.12.2014 2914.4487184 (0) Client IP Server IP TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
- Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094201 (0x9766C2F9)
AcknowledgementNumber: 1989100424 (0x768F4388)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 23
Checksum: 0x1082, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050256 (0x52105D0)
TimestampEchoReply: 1421864 (0x15B228)
36969 18:15:51 09.12.2014 2914.4491115 (0) Client IP Server IP TLS TLS:TLS Rec Layer-1 HandShake: Client Hello.
- Tcp: Flags=...AP..., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=156, Seq=2540094201 - 2540094357, Ack=1989100424, Win=23
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094201 (0x9766C2F9)
AcknowledgementNumber: 1989100424 (0x768F4388)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...AP...
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....1...) Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 23
Checksum: 0xEBA1, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050256 (0x52105D0)
TimestampEchoReply: 1421864 (0x15B228)
TCPPayload: SourcePort = 42262, DestinationPort = 443
TLSSSLData: Transport Layer Security (TLS) Payload Data
- TLS: TLS Rec Layer-1 HandShake: Client Hello.
- TlsRecordLayer: TLS Rec Layer-1 HandShake:
ContentType: HandShake:
- Version: TLS 1.0
Major: 3 (0x3)
Minor: 1 (0x1)
Length: 151 (0x97)
- SSLHandshake: SSL HandShake ClientHello(0x01)
HandShakeType: ClientHello(0x01)
Length: 147 (0x93)
- ClientHello: TLS 1.2
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
- RandomBytes:
TimeStamp: 12/09/2014, 17:15:52 .0000 UTC
RandomBytes: Binary Large Object (28 Bytes)
SessionIDLength: 0 (0x0)
CipherSuitesLength: 78
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 { 0x00, 0xA3 }
Cipher: 163 (0xA3)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 { 0x00, 0x9F }
Cipher: 159 (0x9F)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 { 0x00, 0x6B }
Cipher: 107 (0x6B)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 { 0x00, 0x6A }
Cipher: 106 (0x6A)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_CBC_SHA { 0x00, 0x39 }
Cipher: 57 (0x39)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_CBC_SHA { 0x00, 0x38 }
Cipher: 56 (0x38)
- TLSCipherSuites: TLS_RSA_WITH_AES_256_GCM_SHA384 { 0x00, 0x9D }
Cipher: 157 (0x9D)
- TLSCipherSuites: TLS_RSA_WITH_AES_256_CBC_SHA256 { 0x00, 0x3D }
Cipher: 61 (0x3D)
- TLSCipherSuites: TLS_RSA_WITH_AES_256_CBC_SHA { 0x00, 0x35 }
Cipher: 53 (0x35)
- TLSCipherSuites: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x16}
Cipher: 22 (0x16)
- TLSCipherSuites: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA { 0x00,0x13 }
Cipher: 19 (0x13)
- TLSCipherSuites: TLS_RSA_WITH_3DES_EDE_CBC_SHA { 0x00,0x0A }
Cipher: 10 (0xA)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 { 0x00, 0xA2 }
Cipher: 162 (0xA2)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 { 0x00, 0x9E }
Cipher: 158 (0x9E)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 { 0x00, 0x67 }
Cipher: 103 (0x67)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 { 0x00, 0x40 }
Cipher: 64 (0x40)
- TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_CBC_SHA { 0x00, 0x33 }
Cipher: 51 (0x33)
- TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_CBC_SHA { 0x00, 0x32 }
Cipher: 50 (0x32)
- TLSCipherSuites: TLS_RSA_WITH_AES_128_GCM_SHA256 { 0x00, 0x9C }
Cipher: 156 (0x9C)
- TLSCipherSuites: TLS_RSA_WITH_AES_128_CBC_SHA256 { 0x00, 0x3C }
Cipher: 60 (0x3C)
- TLSCipherSuites: TLS_RSA_WITH_AES_128_CBC_SHA { 0x00, 0x2F }
Cipher: 47 (0x2F)
- TLSCipherSuites: TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA { 0x00, 0x66 }
Cipher: 102 (0x66)
- TLSCipherSuites: TLS_RSA_WITH_RC4_128_SHA { 0x00,0x05 }
Cipher: 5 (0x5)
- TLSCipherSuites: TLS_RSA_WITH_RC4_128_MD5 { 0x00,0x04 }
Cipher: 4 (0x4)
- TLSCipherSuites: TLS_NTRU_NSS_WITH_AES_128_CBC_SHA { 0x00, 0x63 }
Cipher: 99 (0x63)
- TLSCipherSuites: TLS_DHE_RSA_WITH_DES_CBC_SHA { 0x00,0x15 }
Cipher: 21 (0x15)
- TLSCipherSuites: TLS_DHE_DSS_WITH_DES_CBC_SHA { 0x00,0x12 }
Cipher: 18 (0x12)
- TLSCipherSuites: TLS_NTRU_NSS_WITH_3DES_EDE_CBC_SHA { 0x00, 0x62 }
Cipher: 98 (0x62)
- TLSCipherSuites: TLS_RSA_WITH_DES_CBC_SHA { 0x00,0x09 }
Cipher: 9 (0x9)
- TLSCipherSuites: TLS_NTRU_NSS_WITH_RC4_128_SHA { 0x00, 0x61 }
Cipher: 97 (0x61)
- TLSCipherSuites: TLS_NTRU_RSA_WITH_RC4_128_SHA { 0x00, 0x65 }
Cipher: 101 (0x65)
- TLSCipherSuites: TLS_NTRU_NSS_WITH_AES_256_CBC_SHA { 0x00, 0x64 }
Cipher: 100 (0x64)
- TLSCipherSuites: Unknown Cipher
Cipher: 96 (0x60)
- TLSCipherSuites: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x14 }
Cipher: 20 (0x14)
- TLSCipherSuites: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x11 }
Cipher: 17 (0x11)
- TLSCipherSuites: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA { 0x00,0x08 }
Cipher: 8 (0x8)
- TLSCipherSuites: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 { 0x00,0x06 }
Cipher: 6 (0x6)
- TLSCipherSuites: TLS_RSA_EXPORT_WITH_RC4_40_MD5 { 0x00,0x03 }
Cipher: 3 (0x3)
- TLSCipherSuites: Unknown Cipher
Cipher: 255 (0xFF)
CompressionMethodsLength: 1 (0x1)
CompressionMethods: 0 (0x0)
ExtensionsLength: 28 (0x1C)
- ClientHelloExtension: Signature Algorithms(0x000D)
ExtensionType: Signature Algorithms(0x000D)
ExtensionLength: 24 (0x18)
Data: Binary Large Object (24 Bytes)
36972 18:15:51 09.12.2014 2914.4512965 (0) Server IP Client IP TCP TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
- Tcp: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
SrcPort: HTTPS(443)
DstPort: 42262
SequenceNumber: 1989100424 (0x768F4388)
AcknowledgementNumber: 2540094357 (0x9766C395)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 2081 (scale factor 0x0) = 2081
Checksum: 0xEDD2, Bad
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 1421865 (0x15B229)
TimestampEchoReply: 86050256 (0x52105D0)
36975 18:15:51 09.12.2014 2914.4548786 (4) Server IP Client IP TLS TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
- Tcp: [Bad CheckSum]Flags=...AP..., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=3396, Seq=1989100424 - 1989103820, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
SrcPort: HTTPS(443)
DstPort: 42262
SequenceNumber: 1989100424 (0x768F4388)
AcknowledgementNumber: 2540094357 (0x9766C395)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...AP...
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....1...) Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 2081 (scale factor 0x0) = 2081
Checksum: 0xEDB2, Bad
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 1421865 (0x15B229)
TimestampEchoReply: 86050256 (0x52105D0)
TCPPayload: SourcePort = 443, DestinationPort = 42262
TLSSSLData: Transport Layer Security (TLS) Payload Data
- TLS: TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
- TlsRecordLayer: TLS Rec Layer-1 HandShake:
ContentType: HandShake:
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
Length: 3391 (0xD3F)
- SSLHandshake: SSL HandShake Server Hello Done(0x0E)
HandShakeType: ServerHello(0x02)
Length: 77 (0x4D)
- ServerHello: 0x1
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
- RandomBytes:
TimeStamp: 12/09/2014, 17:15:51 .0000 UTC
RandomBytes: Binary Large Object (28 Bytes)
SessionIDLength: 32 (0x20)
SessionID: Binary Large Object (32 Bytes)
TLSCipherSuite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 { 0x00, 0x9F }
CompressionMethods: 0 (0x0)
ExtensionsLength: 5 (0x5)
- ServerHelloExtension: Renegotiation Info(0xFF01)
ExtensionType: Renegotiation Info(0xFF01)
ExtensionLength: 1 (0x1)
Data: Binary Large Object (1 Bytes)
HandShakeType: Certificate(0x0B)
Length: 2648 (0xA58)
- Cert: 0x1
CertLength: 2645 (0xA55)
+ Certificates:
+ Certificates:
HandShakeType: Server Key Exchange(0x0C)
Length: 650 (0x28A)
ServerKeyExchange: Binary Large Object (650 Bytes)
HandShakeType: Server Hello Done(0x0E)
Length: 0 (0x0)
36976 18:15:51 09.12.2014 2914.4577770 (0) Client IP Server IP TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
- Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094357 (0x9766C395)
AcknowledgementNumber: 1989101872 (0x768F4930)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 35
Checksum: 0xA2F, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050258 (0x52105D2)
TimestampEchoReply: 1421865 (0x15B229)
36980 18:15:51 09.12.2014 2914.4581476 (0) Client IP Server IP TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
- Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094357 (0x9766C395)
AcknowledgementNumber: 1989103320 (0x768F4ED8)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 46
Checksum: 0x47C, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050258 (0x52105D2)
TimestampEchoReply: 1421865 (0x15B229)
36983 18:15:51 09.12.2014 2914.4582581 (0) Client IP Server IP TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
- Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094357 (0x9766C395)
AcknowledgementNumber: 1989103820 (0x768F50CC)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A....
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 57
Checksum: 0x27D, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050258 (0x52105D2)
TimestampEchoReply: 1421865 (0x15B229)
36987 18:15:51 09.12.2014 2914.4613152 (0) Client IP Server IP TLS TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
- Tcp: Flags=...AP..., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=190, Seq=2540094357 - 2540094547, Ack=1989103820, Win=57
SrcPort: 42262
DstPort: HTTPS(443)
SequenceNumber: 2540094357 (0x9766C395)
AcknowledgementNumber: 1989103820 (0x768F50CC)
- DataOffset: 128 (0x80)
DataOffset: (1000....) 32 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...AP...
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....1...) Push Function
Reset: (.....0..) No Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 57
Checksum: 0x63CB, Good
UrgentPointer: 0 (0x0)
- TCPOptions:
- NoOption:
type: No operation. 1(0x1)
- NoOption:
type: No operation. 1(0x1)
- TimeStamp:
type: Timestamp. 8(0x8)
Length: 10 (0xA)
TimestampValue: 86050259 (0x52105D3)
TimestampEchoReply: 1421865 (0x15B229)
TCPPayload: SourcePort = 42262, DestinationPort = 443
TLSSSLData: Transport Layer Security (TLS) Payload Data
- TLS: TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
- TlsRecordLayer: TLS Rec Layer-1 HandShake:
ContentType: HandShake:
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
Length: 134 (0x86)
- SSLHandshake: SSL HandShake Client Key Exchange(0x10)
HandShakeType: Client Key Exchange(0x10)
Length: 130 (0x82)
ClientKeyExchange: Binary Large Object (130 Bytes)
- TlsRecordLayer: TLS Rec Layer-2 Cipher Change Spec
ContentType: Cipher Change Spec
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
Length: 1 (0x1)
- ChangeCipherSpec: 0x1
ChangeCipherSpecValue: 1 (0x1)
- TlsRecordLayer: TLS Rec Layer-3 HandShake:
ContentType: HandShake:
- Version: TLS 1.2
Major: 3 (0x3)
Minor: 3 (0x3)
Length: 40 (0x28)
- SSLHandshake: SSL HandShake Client Key Exchange(0x10)
EncryptedHandshakeMessage: Binary Large Object (40 Bytes)
36993 18:15:51 09.12.2014 2914.4634018 (4) Server IP Client IP TCP TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
- Tcp: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
SrcPort: HTTPS(443)
DstPort: 42262
SequenceNumber: 1989103820 (0x768F50CC)
AcknowledgementNumber: 2540094547 (0x9766C453)
- DataOffset: 80 (0x50)
DataOffset: (0101....) 20 bytes
Reserved: (....000.)
NS: (.......0) Nonce Sum not significant
- Flags: ...A.R..
CWR: (0.......) CWR not significant
ECE: (.0......) ECN-Echo not significant
Urgent: (..0.....) Not Urgent Data
Ack: (...1....) Acknowledgement field significant
Push: (....0...) No Push Function
Reset: (.....1..) Reset
Syn: (......0.) Not Synchronize sequence numbers
Fin: (.......0) Not End of data
Window: 0 (scale factor 0x0) = 0
Checksum: 0xEDC6, Bad
UrgentPointer: 0 (0x0)
EDIT: 2014.12.12 problema resuelto
El problema real se debía a un securitypatch de MS ( enlace ). Y el lado del cliente había cambiado de tener TLS1.0 como predeterminado, preferido a TLS1.2. Con el parche mencionado anteriormente de MS funciona bien comunicarse con TLS1.0, pero no con TLS1.1 o TLS1.2. La solución final fue deshabilitar el uso de estos nuevos cifrados en nuestro lado del servidor. Ahora ambas partes hablan alegremente juntas sobre TLS1.2.
Gracias a todos por su tiempo.
Saludos
Roy