Re: Strange SSL decode issue (SUPL, ULP)

["Ralf G. R. Bergs" <Ralf+WireShark () bergs biz>]

Hi Jaap.

Thanks.

On 2015-04-17 07:18 , Jaap Keuter wrote:
> On 04/15/2015 11:21 AM, Ralf G. R. Bergs wrote:
> > Hi Jaap.
> >
> > Thanks for your reply.
> >
> > On 2015-04-15 07:59 , Jaap Keuter wrote:
> > > > ssl_decrypt_pre_master_secret: session uses DH (17) key exchange, which is
> > > > impossible to decrypt
> > > As the debug log says, one backend node does while the other doesn't use a DH
> > > key exchange. I would look carefully at the crypto configuration of both backend
> > > nodes.
> > Sorry if I'm asking this question (it's because I'm not an expert in
> > this area), is it absolutely clear that there must be a config issue on
> > the server side? Or can it also be an issue with client behavior? That
> > the client in the one session behaved differently than in the other?
> >
> > If you're really confident that it is a server-side issue, can you maybe
> > give me some hints where to look at? Would it be at the JVM level? Maybe
> > crypto policy files being different? Or Tomcat webapp container config?
> > Or even the webapp config itself?
> From the detailed description you've given this certainly is a point of
> interest, but it would take more measurements to say for certain. As for the
> server component that could cause this, I have no clue either.
So what would you propose in case I encounter such issue again? Send a
ssl-debug.log?

KR,

Ralf


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe