Hello, > I try to connect a client to an SSL server in SSL 3.0 mode. > I do not achieve to have the SSL connexion. > When I look at the IP streams, I can see the Hello client message and the > handshake phase during which I see the certificate sent by the server to the > client ( during this phase, I can see that the message content type is 22 > which > is normal). > > After that, I can see the change cipher message sent by the server (whose > content type is 20 (14 in hexadecimal representation -b see below the > stream..) > extract : > 00000000 14030000 01011603 00004058 b733e063 |[EMAIL PROTECTED]| > 00000010 af7fad75 c0880025 684d3a3a 2caeb950 |...u...%hM::,..P| > 00000020 b093b5c6 1b571fa3 a683be1b 2992e60c |.....W......)...| > 00000030 869cb580 38fbb8c2 e21006de f78f6bf9 |....8.........k.| > 00000040 9cab96d8 b5a9d57f 6d4412 |........mD. | > > But then, the client , instead of sending me an applicative message ( content > type 23 (17 in hexadecimal representation), sends me a message whose content > type is 21( 15 in hex) see below the corresponding IP stream. > 00000000 15030000 18e35af3 0b16fb3f 1855e19c |......Z....?.U..| > 00000010 e2fae11f 40418fa5 f7d422e8 58 |[EMAIL PROTECTED]".X | > > Can anyone tells me what this message means ? ( I have not seen it in my SSL > documents). This is alert message. This message informs server of some error/warning send from client to server. After exchange of ChangeCipherSpec alert message are encrypted (as in your example) and based on this dump is hard to say why client sends this Alert. When alert message is unencrypted it has length of 7 bytes (5- header, 2-alert data).
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
