Server sends RST during the TLS handshake. Why?

I have a problem with a machine-to-machine communication where, to me, it looks like our server hangs up the TCP connection during the handshake, but I don't understand why. We have been running for several months with the same certificate setup, etc. Our client has supposedly only changed the requirement to not support SSLv2. But that is not a problem for our server.

Is there anyone who has any idea what is going on? Is there any information you would like me to provide?

Below is the TCP conversation taken from Network Monitor:

server  client  TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
client  server  TLS:TLS Rec Layer-1 HandShake: Client Hello.
server  client  TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
server  client  TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
client  server  TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
server  client  TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0

EDIT: 2014.11.12 - Added more details

Below I have included detailed information from the TCP and TLS protocols for each frame.

And to provide more information, this solution consists of integration applications that communicate with SOAP over TLS. All of this worked fine until several upgrades were made on the client side. Exactly what they were I have not been able to get complete information about; this is a government client side... But every SOAP request from their side now terminates before the TLS handshake is completed, in exactly the same way every time. I do not have the possibility to test different server/client configurations for this problem as suggested.

36962   18:15:51 09.12.2014 2914.4460297     (0)    Server IP   Client IP   TCP TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
    - Tcp:  [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201, Win=8192 ( Negotiated scale factor 0x8 ) = 8192
        SrcPort: HTTPS(443)
        DstPort: 42262
        SequenceNumber: 1989100423 (0x768F4387)
        AcknowledgementNumber: 2540094201 (0x9766C2F9)
      - DataOffset: 160 (0xA0)
         DataOffset: (1010....) 40 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: .E.A..S.
         CWR:    (0.......) CWR not significant
         ECE:    (.1......) ECN-Echo significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......1.) Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 8192 ( Negotiated scale factor 0x8 ) = 8192
        Checksum: 0xEDDA, Bad
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - MaxSegmentSize: 1
          type: Maximum Segment Size. 2(0x2)
          OptionLength: 4 (0x4)
          MaxSegmentSize: 1460 (0x5B4)
       - NoOption: 
          type: No operation. 1(0x1)
       - WindowsScaleFactor: ShiftCount: 8
          type: Window scale factor. 3(0x3)
          Length: 3 (0x3)
          ShiftCount: 8 (0x8)
       - SACKPermitted: 
          type: SACK permitted. 4(0x4)
          OptionLength: 2 (0x2)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 1421864 (0x15B228)
          TimestampEchoReply: 86050255 (0x52105CF)

36963   18:15:51 09.12.2014 2914.4487184     (0)    Client IP   Server IP   TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23 
    - Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424, Win=23
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094201 (0x9766C2F9)
        AcknowledgementNumber: 1989100424 (0x768F4388)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 23
        Checksum: 0x1082, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050256 (0x52105D0)
          TimestampEchoReply: 1421864 (0x15B228)

36969   18:15:51 09.12.2014 2914.4491115     (0)    Client IP   Server IP   TLS TLS:TLS Rec Layer-1 HandShake: Client Hello.
    - Tcp: Flags=...AP..., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=156, Seq=2540094201 - 2540094357, Ack=1989100424, Win=23
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094201 (0x9766C2F9)
        AcknowledgementNumber: 1989100424 (0x768F4388)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...AP...
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....1...) Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 23
        Checksum: 0xEBA1, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050256 (0x52105D0)
          TimestampEchoReply: 1421864 (0x15B228)
        TCPPayload: SourcePort = 42262, DestinationPort = 443
      TLSSSLData: Transport Layer Security (TLS) Payload Data
    - TLS: TLS Rec Layer-1 HandShake: Client Hello.
      - TlsRecordLayer: TLS Rec Layer-1 HandShake:
         ContentType: HandShake:
       - Version: TLS 1.0
          Major: 3 (0x3)
          Minor: 1 (0x1)
         Length: 151 (0x97)
       - SSLHandshake: SSL HandShake ClientHello(0x01)
          HandShakeType: ClientHello(0x01)
          Length: 147 (0x93)
        - ClientHello: TLS 1.2
         - Version: TLS 1.2
            Major: 3 (0x3)
            Minor: 3 (0x3)
         - RandomBytes: 
            TimeStamp: 12/09/2014, 17:15:52 .0000 UTC 
            RandomBytes: Binary Large Object (28 Bytes)
           SessionIDLength: 0 (0x0)
           CipherSuitesLength: 78
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384     { 0x00, 0xA3 }
            Cipher: 163 (0xA3)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384     { 0x00, 0x9F }
            Cipher: 159 (0x9F)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256     { 0x00, 0x6B }
            Cipher: 107 (0x6B)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256     { 0x00, 0x6A }
            Cipher: 106 (0x6A)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_256_CBC_SHA        { 0x00, 0x39 }
            Cipher: 57 (0x39)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_256_CBC_SHA        { 0x00, 0x38 }
            Cipher: 56 (0x38)
         - TLSCipherSuites: TLS_RSA_WITH_AES_256_GCM_SHA384       { 0x00, 0x9D }
            Cipher: 157 (0x9D)
         - TLSCipherSuites: TLS_RSA_WITH_AES_256_CBC_SHA256         { 0x00, 0x3D }
            Cipher: 61 (0x3D)
         - TLSCipherSuites: TLS_RSA_WITH_AES_256_CBC_SHA            { 0x00, 0x35 }
            Cipher: 53 (0x35)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        { 0x00,0x16}
            Cipher: 22 (0x16)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA        { 0x00,0x13 }
            Cipher: 19 (0x13)
         - TLSCipherSuites: TLS_RSA_WITH_3DES_EDE_CBC_SHA           { 0x00,0x0A }
            Cipher: 10 (0xA)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256     { 0x00, 0xA2 }
            Cipher: 162 (0xA2)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256     { 0x00, 0x9E }
            Cipher: 158 (0x9E)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256     { 0x00, 0x67 }
            Cipher: 103 (0x67)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256     { 0x00, 0x40 }
            Cipher: 64 (0x40)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_AES_128_CBC_SHA        { 0x00, 0x33 }
            Cipher: 51 (0x33)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_AES_128_CBC_SHA        { 0x00, 0x32 }
            Cipher: 50 (0x32)
         - TLSCipherSuites: TLS_RSA_WITH_AES_128_GCM_SHA256         { 0x00, 0x9C }
            Cipher: 156 (0x9C)
         - TLSCipherSuites: TLS_RSA_WITH_AES_128_CBC_SHA256         { 0x00, 0x3C }
            Cipher: 60 (0x3C)
         - TLSCipherSuites: TLS_RSA_WITH_AES_128_CBC_SHA            { 0x00, 0x2F }
            Cipher: 47 (0x2F)
         - TLSCipherSuites: TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA      { 0x00, 0x66 }
            Cipher: 102 (0x66)
         - TLSCipherSuites: TLS_RSA_WITH_RC4_128_SHA                { 0x00,0x05 }
            Cipher: 5 (0x5)
         - TLSCipherSuites: TLS_RSA_WITH_RC4_128_MD5                { 0x00,0x04 }
            Cipher: 4 (0x4)
         - TLSCipherSuites: TLS_NTRU_NSS_WITH_AES_128_CBC_SHA       { 0x00, 0x63 }
            Cipher: 99 (0x63)
         - TLSCipherSuites: TLS_DHE_RSA_WITH_DES_CBC_SHA             { 0x00,0x15 }
            Cipher: 21 (0x15)
         - TLSCipherSuites: TLS_DHE_DSS_WITH_DES_CBC_SHA             { 0x00,0x12 }
            Cipher: 18 (0x12)
         - TLSCipherSuites: TLS_NTRU_NSS_WITH_3DES_EDE_CBC_SHA      { 0x00, 0x62 }
            Cipher: 98 (0x62)
         - TLSCipherSuites: TLS_RSA_WITH_DES_CBC_SHA                { 0x00,0x09 }
            Cipher: 9 (0x9)
         - TLSCipherSuites: TLS_NTRU_NSS_WITH_RC4_128_SHA           { 0x00, 0x61 }
            Cipher: 97 (0x61)
         - TLSCipherSuites: TLS_NTRU_RSA_WITH_RC4_128_SHA           { 0x00, 0x65 }
            Cipher: 101 (0x65)
         - TLSCipherSuites: TLS_NTRU_NSS_WITH_AES_256_CBC_SHA       { 0x00, 0x64 }
            Cipher: 100 (0x64)
         - TLSCipherSuites: Unknown Cipher
            Cipher: 96 (0x60)
         - TLSCipherSuites: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA    { 0x00,0x14 }
            Cipher: 20 (0x14)
         - TLSCipherSuites: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   { 0x00,0x11 }
            Cipher: 17 (0x11)
         - TLSCipherSuites: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA       { 0x00,0x08 }
            Cipher: 8 (0x8)
         - TLSCipherSuites: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5      { 0x00,0x06 }
            Cipher: 6 (0x6)
         - TLSCipherSuites: TLS_RSA_EXPORT_WITH_RC4_40_MD5          { 0x00,0x03 }
            Cipher: 3 (0x3)
         - TLSCipherSuites: Unknown Cipher
            Cipher: 255 (0xFF)
           CompressionMethodsLength: 1 (0x1)
           CompressionMethods: 0 (0x0)
           ExtensionsLength: 28 (0x1C)
         - ClientHelloExtension: Signature Algorithms(0x000D)
            ExtensionType: Signature Algorithms(0x000D)
            ExtensionLength: 24 (0x18)
            Data: Binary Large Object (24 Bytes)


36972   18:15:51 09.12.2014 2914.4512965     (0)    Server IP   Client IP   TCP TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
    - Tcp:  [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
        SrcPort: HTTPS(443)
        DstPort: 42262
        SequenceNumber: 1989100424 (0x768F4388)
        AcknowledgementNumber: 2540094357 (0x9766C395)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 2081 (scale factor 0x0) = 2081
        Checksum: 0xEDD2, Bad
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 1421865 (0x15B229)
          TimestampEchoReply: 86050256 (0x52105D0)


36975   18:15:51 09.12.2014 2914.4548786     (4)    Server IP   Client IP   TLS TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
    - Tcp:  [Bad CheckSum]Flags=...AP..., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=3396, Seq=1989100424 - 1989103820, Ack=2540094357, Win=2081 (scale factor 0x0) = 2081
        SrcPort: HTTPS(443)
        DstPort: 42262
        SequenceNumber: 1989100424 (0x768F4388)
        AcknowledgementNumber: 2540094357 (0x9766C395)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...AP...
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....1...) Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 2081 (scale factor 0x0) = 2081
        Checksum: 0xEDB2, Bad
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 1421865 (0x15B229)
          TimestampEchoReply: 86050256 (0x52105D0)
        TCPPayload: SourcePort = 443, DestinationPort = 42262
      TLSSSLData: Transport Layer Security (TLS) Payload Data
    - TLS: TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
      - TlsRecordLayer: TLS Rec Layer-1 HandShake:
         ContentType: HandShake:
       - Version: TLS 1.2
          Major: 3 (0x3)
          Minor: 3 (0x3)
         Length: 3391 (0xD3F)
       - SSLHandshake: SSL HandShake Server Hello Done(0x0E)
          HandShakeType: ServerHello(0x02)
          Length: 77 (0x4D)
        - ServerHello: 0x1
         - Version: TLS 1.2
            Major: 3 (0x3)
            Minor: 3 (0x3)
         - RandomBytes: 
            TimeStamp: 12/09/2014, 17:15:51 .0000 UTC 
            RandomBytes: Binary Large Object (28 Bytes)
           SessionIDLength: 32 (0x20)
           SessionID: Binary Large Object (32 Bytes)
           TLSCipherSuite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384     { 0x00, 0x9F }
           CompressionMethods: 0 (0x0)
           ExtensionsLength: 5 (0x5)
         - ServerHelloExtension: Renegotiation Info(0xFF01)
            ExtensionType: Renegotiation Info(0xFF01)
            ExtensionLength: 1 (0x1)
            Data: Binary Large Object (1 Bytes)
          HandShakeType: Certificate(0x0B)
          Length: 2648 (0xA58)
        - Cert: 0x1
           CertLength: 2645 (0xA55)
         + Certificates: 
         + Certificates: 
          HandShakeType: Server Key Exchange(0x0C)
          Length: 650 (0x28A)
          ServerKeyExchange: Binary Large Object (650 Bytes)
          HandShakeType: Server Hello Done(0x0E)
          Length: 0 (0x0)

36976   18:15:51 09.12.2014 2914.4577770     (0)    Client IP   Server IP   TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35

    - Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872, Win=35
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094357 (0x9766C395)
        AcknowledgementNumber: 1989101872 (0x768F4930)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 35
        Checksum: 0xA2F, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050258 (0x52105D2)
          TimestampEchoReply: 1421865 (0x15B229)


36980   18:15:51 09.12.2014 2914.4581476     (0)    Client IP   Server IP   TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
    - Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320, Win=46
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094357 (0x9766C395)
        AcknowledgementNumber: 1989103320 (0x768F4ED8)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 46
        Checksum: 0x47C, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050258 (0x52105D2)
          TimestampEchoReply: 1421865 (0x15B229)

36983   18:15:51 09.12.2014 2914.4582581     (0)    Client IP   Server IP   TCP TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57

    - Tcp: Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820, Win=57
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094357 (0x9766C395)
        AcknowledgementNumber: 1989103820 (0x768F50CC)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A....
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 57
        Checksum: 0x27D, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050258 (0x52105D2)
          TimestampEchoReply: 1421865 (0x15B229)

36987   18:15:51 09.12.2014 2914.4613152     (0)    Client IP   Server IP   TLS TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
    - Tcp: Flags=...AP..., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=190, Seq=2540094357 - 2540094547, Ack=1989103820, Win=57
        SrcPort: 42262
        DstPort: HTTPS(443)
        SequenceNumber: 2540094357 (0x9766C395)
        AcknowledgementNumber: 1989103820 (0x768F50CC)
      - DataOffset: 128 (0x80)
         DataOffset: (1000....) 32 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...AP...
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....1...) Push Function
         Reset:  (.....0..) No Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 57
        Checksum: 0x63CB, Good
        UrgentPointer: 0 (0x0)
      - TCPOptions: 
       - NoOption: 
          type: No operation. 1(0x1)
       - NoOption: 
          type: No operation. 1(0x1)
       - TimeStamp: 
          type: Timestamp. 8(0x8)
          Length: 10 (0xA)
          TimestampValue: 86050259 (0x52105D3)
          TimestampEchoReply: 1421865 (0x15B229)
        TCPPayload: SourcePort = 42262, DestinationPort = 443
      TLSSSLData: Transport Layer Security (TLS) Payload Data
    - TLS: TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
      - TlsRecordLayer: TLS Rec Layer-1 HandShake:
         ContentType: HandShake:
       - Version: TLS 1.2
          Major: 3 (0x3)
          Minor: 3 (0x3)
         Length: 134 (0x86)
       - SSLHandshake: SSL HandShake Client Key Exchange(0x10)
          HandShakeType: Client Key Exchange(0x10)
          Length: 130 (0x82)
          ClientKeyExchange: Binary Large Object (130 Bytes)
      - TlsRecordLayer: TLS Rec Layer-2 Cipher Change Spec
         ContentType: Cipher Change Spec
       - Version: TLS 1.2
          Major: 3 (0x3)
          Minor: 3 (0x3)
         Length: 1 (0x1)
       - ChangeCipherSpec: 0x1
          ChangeCipherSpecValue: 1 (0x1)
      - TlsRecordLayer: TLS Rec Layer-3 HandShake:
         ContentType: HandShake:
       - Version: TLS 1.2
          Major: 3 (0x3)
          Minor: 3 (0x3)
         Length: 40 (0x28)
       - SSLHandshake: SSL HandShake Client Key Exchange(0x10)
          EncryptedHandshakeMessage: Binary Large Object (40 Bytes)

36993   18:15:51 09.12.2014 2914.4634018     (4)    Server IP   Client IP   TCP TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
    - Tcp:  [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547, Win=0 (scale factor 0x0) = 0
        SrcPort: HTTPS(443)
        DstPort: 42262
        SequenceNumber: 1989103820 (0x768F50CC)
        AcknowledgementNumber: 2540094547 (0x9766C453)
      - DataOffset: 80 (0x50)
         DataOffset: (0101....) 20 bytes
         Reserved:   (....000.)
         NS:         (.......0) Nonce Sum not significant
      - Flags: ...A.R..
         CWR:    (0.......) CWR not significant
         ECE:    (.0......) ECN-Echo not significant
         Urgent: (..0.....) Not Urgent Data
         Ack:    (...1....) Acknowledgement field significant
         Push:   (....0...) No Push Function
         Reset:  (.....1..) Reset
         Syn:    (......0.) Not Synchronize sequence numbers
         Fin:    (.......0) Not End of data
        Window: 0 (scale factor 0x0) = 0
        Checksum: 0xEDC6, Bad
        UrgentPointer: 0 (0x0)

EDIT: 2014.12.12 problem solved

The real problem was due to a security patch from MS (link). And the client side had changed from having TLS1.0 as default/preferred to TLS1.2. With the above-mentioned patch from MS it works fine to communicate with TLS1.0, but not with TLS1.1 or TLS1.2. The final solution was to disable the use of these new ciphers on our server side. Now both parties talk happily together over TLS1.2.

Thanks to everyone for your time.

Regards

Roy

asked by Roy 10.12.2014 - 12:21
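
As an added example that is not part of the original post: a small Python triage over the frame summaries above (copied from the post and trimmed after the Ack field) that reports who sent the RST, which TLS flight preceded it, and how many bytes of that flight the resetting side had acknowledged. The helper names `tls_messages` and `triage` are hypothetical.

```python
import re

# Frame summaries from the post's Network Monitor capture, one per line as
# "sender receiver summary"; TCP lines are trimmed after the Ack field.
CAPTURE = """\
server  client  TCP: [Bad CheckSum]Flags=.E.A..S., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100423, Ack=2540094201
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094201, Ack=1989100424
client  server  TLS:TLS Rec Layer-1 HandShake: Client Hello.
server  client  TCP: [Bad CheckSum]Flags=...A...., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989100424, Ack=2540094357
server  client  TLS:TLS Rec Layer-1 HandShake: Server Hello. Certificate. Server Key Exchange. Server Hello Done.
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989101872
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103320
client  server  TCP:Flags=...A...., SrcPort=42262, DstPort=HTTPS(443), PayloadLen=0, Seq=2540094357, Ack=1989103820
client  server  TLS:TLS Rec Layer-1 HandShake: Client Key Exchange.; TLS Rec Layer-2 Cipher Change Spec; TLS Rec Layer-3 HandShake: Encrypted Handshake Message.
server  client  TCP: [Bad CheckSum]Flags=...A.R.., SrcPort=HTTPS(443), DstPort=42262, PayloadLen=0, Seq=1989103820, Ack=2540094547
"""

# Network Monitor prints the eight TCP flags positionally as CEUAPRSF,
# so index 5 is the RST bit.
TCP_RE = re.compile(r"Flags=([.A-Z]{8}),.*?Seq=(\d+), Ack=(\d+)")
RST_INDEX = 5


def tls_messages(summary):
    """Split a 'TLS:' summary line into the individual message names."""
    msgs = []
    for record in summary[len("TLS:"):].split(";"):
        record = re.sub(r"^\s*TLS Rec Layer-\d+\s+(HandShake:)?", "", record)
        msgs += [m.strip() for m in record.split(".") if m.strip()]
    return msgs


def triage(capture):
    """Locate the first RST and describe the handshake state around it."""
    last_ack = {}     # sender -> last Ack number that sender put on the wire
    last_flight = {}  # sender -> TLS messages in that sender's latest flight
    for line in capture.strip().splitlines():
        sender, receiver, summary = line.split(None, 2)
        if summary.startswith("TLS:"):
            last_flight[sender] = tls_messages(summary)
            continue
        m = TCP_RE.search(summary)
        if not m:
            continue
        flags, ack = m.group(1), int(m.group(3))
        if flags[RST_INDEX] == "R":
            return {
                "reset_by": sender,
                "own_last_flight": last_flight.get(sender, []),
                "peer_last_flight": last_flight.get(receiver, []),
                # Ack growth since the sender's previous segment: bytes of the
                # peer's final flight received before the reset was issued.
                "peer_bytes_acked_by_reset": ack - last_ack.get(sender, ack),
            }
        last_ack[sender] = ack
    return None


if __name__ == "__main__":
    for key, value in triage(CAPTURE).items():
        print(f"{key}: {value}")
```

On this capture the reset comes from the server and acknowledges 190 bytes, matching the PayloadLen=190 of the client's Client Key Exchange / Cipher Change Spec / Encrypted Handshake Message segment, which is consistent with the server aborting after receiving that flight rather than with a lost segment.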