陳秀虹 wrote:
Thanks for the explanation.
I am having problem with "Encrypted Alert".
At first I thought it's because the Session ID length 0 is not correct.
If this is not the problem, I really can't tell where it went wrong from
packets
I captured. I searched the web and I think "Encrypted Alert" means that
the alert is being encrypted. Is there any way I can decrypted the alert
message? Can someone give me any hint?
Attached is the .cap file. Thanks in advance.
Here is what I have.
from Client : Client Hello
from Server: Server Hello, Certificate, Server Hello Done
from Client : Client Key Exchange, Change Cipher Spec,
Encrypted Handshake Message
from Server: Change Cipher Spec
from Server: Encrypted Handshake Message
from Server: Encrypted Alert
From your capture file,
- I can see that your server certificate has a few problems (expiry
date, name, etc.). Well if your client ignores all this and the key is
good then we may progress.
- Probably the server is failing in the Client_Pre_Master check, so it
maybe using a random value and then eventually failing when verifying
the Client Finished message, and sends an alert.
So either the client doesn't send a proper pre-master encrypted with
server's RSA public key; or you have a problem on the server side. If
so, you can check the server logs or better if you can debug server
(then you could check what happens in ssl3_get_client_key_exchange()).
-jb
--
Real computer scientists don't comment their code. The identifiers are
so long they can't afford the disk space.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
