2way SSL is set in IIS, in browser a client certificate is required, but when i capture the traffic in wireshark i see the handshake type is '11'

I have an IIS server in which ssl setting is set to required for client certificates. even the client certificates are added to IIS server and each user has its own certificate and there is no way to connect to server without client certificate. But when i capture the traffic i don't see the certificate request packet in wireshark and the handshake type is '11'

A "Certificate Request" from the server should appear between the "Server Hello" and "Server Hello Done" messages and can be located using a display filter of tls.handshake.type == 13.

The handshake type 11 is for an actual certificate that is being transmitted in either direction and should be present for the server certificate and if the client sends a certificate.

If you don't see the certificate request then the server (or possibly an intervening proxy) isn't requesting a client certificate.

23.8k

grahamb

answered 2020-08-03 11:17:37 +0000

edit flag offensive 0 remove flag delete link

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

2way SSL is set in IIS, in browser a client certificate is required, but when i capture the traffic in wireshark i see the handshake type is '11' edit

Comments

1 Answer

Comments