0

I am getting an Encryption alert from the Server and connection resets


I am getting an Encryption alert from the server after the server and client have exchanged application data. The error codes do not seem consistent between the Alert Description Types. This is happening in my proxy to an external server; after this encrypted alert the proxy is resetting the connection and the proxy clients are getting gateway timeouts. Why would the proxy be getting an alert after several application packets have passed successfully? Thank you in advance.

asked 2018-04-11 00:30:52 +0000

1 Answer

0

To clarify:

Are you talking about SSL/TLS connections? Do you get a TLS record with content type "Alert" (21)?

This "alert" is used in SSL/TLS for notifying to close the connection. So it's quite normal to see "Encrypted Alert" at the end of an SSL/TLS session. Normally, when there is no more data to send, the sender sends this TLS Alert.

Uli
answered 2018-04-11 06:11:00 +0000

Comments

Hi, thanks for your reply.

Actually my traffic flow is Client --> proxy --> Server. In the flow, the client and server are exchanging application data; at some point the server sends an Encrypted Alert (21) to the proxy, so the proxy resets the connection and sends back a gateway timeout to the client. Why is the server sending this alert in the middle of the application data transaction? Thanks in advance.

Saravanan (2018-04-12 06:53:12 +0000)

As said, most of the time an "Encrypted Alert" record contains the "Close notify" message. To be sure what's inside the "Encrypted Alert" message you need the plaintext.

If your client application is a browser (e.g. Chrome or Firefox) you can try using SSLKEYLOG (see https://www.youtube.com/watch?v=bwJEB...)

Uli (2018-04-12 12:22:55 +0000)

I am getting Encrypted Alert (21) when the client attempts to send app data to the server. This happens in the following order:

  • client hello
  • server hello, certificate, server key exchange, server hello done
  • client key exchange, change cipher spec, encrypted handshake
  • change cipher spec, encrypted handshake (from server)
  • encrypted alert

I could not decrypt, but I am wondering what could go wrong after cipher negotiation and encrypted handshakes. I appreciate any help.

Pramma (2018-11-23 06:52:18 +0000)

Did you ever figure out what the problem was?

I am getting the same Alert 21 sent by the client instead of Client Key Exchange, Change Cipher Spec, Encrypted Handshake.

net_tech (2018-12-23 01:49:40 +0000)

Hi, we are facing the same client-proxy-server timeout issue. Can you let me know what finally helped you guys resolve the issue, please?

AP (2019-09-25 22:13:12 +0000)
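
An added example, not part of the original thread or any participant's post: a minimal Python walk over TLS record headers showing why an alert sent after ChangeCipherSpec is displayed as "Encrypted Alert" and why its level and description bytes cannot be read without the session keys. It assumes TLS 1.2 or earlier and one direction of the stream; `record`, `classify_records` and the sample bytes are constructed for illustration.

```python
import struct

# Record-layer content types and a few alert codes from the TLS 1.2 spec (RFC 5246).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      20: "bad_record_mac", 40: "handshake_failure"}

def record(ctype, body, version=0x0303):
    """Build one TLS record: type (1 byte), version (2), length (2), body."""
    return struct.pack("!BHH", ctype, version, len(body)) + body

def classify_records(stream):
    """Label every record in one direction of a TLS <= 1.2 byte stream."""
    labels, offset, encrypted = [], 0, False
    while offset + 5 <= len(stream):
        ctype, _version, length = struct.unpack_from("!BHH", stream, offset)
        body = stream[offset + 5:offset + 5 + length]
        if len(body) < length:
            labels.append("truncated record")
            break
        if ctype == 21 and not encrypted and length == 2:
            # Plaintext alert: the two bytes really are level and description.
            level = ALERT_LEVELS.get(body[0], str(body[0]))
            desc = ALERT_DESCRIPTIONS.get(body[1], str(body[1]))
            labels.append("alert %s/%s" % (level, desc))
        elif ctype == 21 and encrypted:
            # After ChangeCipherSpec the body is ciphertext, so reading
            # body[0:2] as level/description yields meaningless values.
            labels.append("encrypted alert, %d bytes" % length)
        elif ctype == 22 and encrypted:
            labels.append("encrypted handshake")
        else:
            labels.append(CONTENT_TYPES.get(ctype, "unknown(%d)" % ctype))
        if ctype == 20:
            encrypted = True  # this sender's later records are protected
        offset += 5 + length
    return labels

# Constructed sample data, not taken from a real capture.
PLAINTEXT_ALERT = record(21, bytes([2, 40]))
SERVER_SIDE = (record(20, b"\x01") + record(22, b"\xaa" * 40) +
               record(23, b"\xbb" * 32) + record(21, b"\xcc" * 26))

if __name__ == "__main__":
    for sample in (PLAINTEXT_ALERT, SERVER_SIDE):
        print(classify_records(sample))
```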