THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question

Revision history  [back]

Revision 2
grahamb's avatar
23.8k
grahamb
updated 2022-02-04 15:25:37 +0000

Help with TLS1.2 connection issue

Hi experts,

We have a problem with a .net web app trying to connect to some Web Service. We are not sure what is going on. I am not sure if this is a TLS1.2 connection issue or something else. I have this WireShark trace summary. I can see the client sending a FIN request but not sure if this the TLS 1.2 handshake finished OK or not:

733 6.169095  Application .Net IP      mid tier IP(WS)  TCP      66     55137 > https [SYN, ECN, CWR] Seq=0 Win=8192 Len=0 MSS=1410 WS=256 SACK_PERM=1
735 6.170224  Application .Net IP      mid tier IP(WS)  TCP      54     55137 > https [ACK] Seq=1 Ack=1 Win=1048832 Len=0
736 6.170889  Application .Net IP      mid tier IP(WS)  TLSv1.2  243    Client Hello
737 6.173031  mid tier IP(WS)      Application .Net IP  TLSv1.2  1464   Server Hello
738 6.173137  mid tier IP(WS)      Application .Net IP  TLSv1.2  1359   Certificate, Server Key Exchange, Server Hello Done
739 6.173149  Application .Net IP      mid tier IP(WS)  TCP      54     55137 > https [ACK] Seq=190 Ack=2716 Win=1048832 Len=0
740 6.178450  Application .Net IP      mid tier IP(WS)  TLSv1.2  236    Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
741 6.179193  mid tier IP(WS)      Application .Net IP  TLSv1.2  400    Encrypted Handshake Message, Change Cipher Spec, Encrypted Handshake Message
742 6.184131  Application .Net IP      mid tier IP(WS)  TLSv1.2  2843   Application Data
743 6.184425  mid tier IP(WS)      Application .Net IP  TCP      60     https > 55137 [ACK] Seq=3062 Ack=3161 Win=2097920 Len=0
758 6.293462  mid tier IP(WS)      Application .Net IP  TLSv1.2  715    Application Data
759 6.309837  Application .Net IP      mid tier IP(WS)  TCP      54     55137 > https [ACK] Seq=3161 Ack=3723 Win=1047808 Len=0
760 6.359905  Application .Net IP      mid tier IP(WS)  TCP      54     55137 > https [FIN, ACK] Seq=3161 Ack=3723 Win=1047808 Len=0
761 6.360152  mid tier IP(WS)      Application .Net IP  TCP      60     https > 55137 [ACK] Seq=3723 Ack=3162 Win=2097920 Len=0
762 6.360256  mid tier IP(WS)      Application .Net IP  TLSv1.2  139    Encrypted Alert
763 6.360260  mid tier IP(WS)      Application .Net IP  TCP      60     https > 55137 [FIN, ACK] Seq=3808 Ack=3162 Win=2097920 Len=0
764 6.360300  Application .Net IP      mid tier IP(WS)  TCP      54     55137 > https [RST, ACK] Seq=3162 Ack=3808 Win=0 Len=0
765 6.360335  Application .Net IP      mid tier IP(WS)  TCP      54     55137 > https [RST] Seq=3162 Win=0 Len=0
Revision 1
eyalg's avatar
1
eyalg
asked 2022-02-04 14:39:26 +0000

Help with TLS1.2 connection issue

Hi experts,

We have a problem with a .net web app trying to connect to some Web Service. We are not sure what is going on. I am not sure if this is a TLS1.2 connection issue or something else. I have this WireShark trace summary. I can see the client sending a FIN request but not sure if this the TLS 1.2 handshake finished OK or not:

 
733 6.169095  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TCP      66     55137 > https [SYN, ECN, CWR] Seq=0 Win=8192 Len=0 MSS=1410 WS=256 SACK_PERM=1
SACK_PERM=1
 
735 6.170224  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TCP      54     55137 > https [ACK] Seq=1 Ack=1 Win=1048832 Len=0
Len=0
 
736 6.170889  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TLSv1.2  243    Client Hello
Hello
 
737 6.173031  mid tier IP(WS)      Application .Net IP   mid tier IP(WS)          Application .Net IP          TLSv1.2  1464   Server Hello
Hello
 
738 6.173137  mid tier IP(WS)      Application .Net IP   mid tier IP(WS)          Application .Net IP          TLSv1.2  1359   Certificate, Server Key Exchange, Server Hello Done
Done
 
739 6.173149  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TCP      54     55137 > https [ACK] Seq=190 Ack=2716 Win=1048832 Len=0
Len=0
 
740 6.178450  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TLSv1.2  236    Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
Message
 
741 6.179193  mid tier IP(WS)      Application .Net IP   mid tier IP(WS)          Application .Net IP          TLSv1.2  400    Encrypted Handshake Message, Change Cipher Spec, Encrypted Handshake Message
Message
 
742 6.184131  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TLSv1.2  2843   Application Data
Data
 
743 6.184425  mid tier IP(WS)      Application .Net IP   mid tier IP(WS)          Application .Net IP          TCP      60     https > 55137 [ACK] Seq=3062 Ack=3161 Win=2097920 Len=0
Len=0
 
758 6.293462  mid tier IP(WS)      Application .Net IP   mid tier IP(WS)          Application .Net IP          TLSv1.2  715    Application Data
Data
 
759 6.309837  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TCP      54     55137 > https [ACK] Seq=3161 Ack=3723 Win=1047808 Len=0
Len=0
 
760 6.359905  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TCP      54     55137 > https [FIN, ACK] Seq=3161 Ack=3723 Win=1047808 Len=0
Len=0
 
761 6.360152  mid tier IP(WS)      Application .Net IP   mid tier IP(WS)          Application .Net IP          TCP      60     https > 55137 [ACK] Seq=3723 Ack=3162 Win=2097920 Len=0
 762 6.360256  mid tier IP(WS)      Application .Net IP   mid tier IP(WS)          Application .Net IP          TLSv1.2  139    Encrypted Alert
Alert
 
763 6.360260  mid tier IP(WS)      Application .Net IP   mid tier IP(WS)          Application .Net IP          TCP      60     https > 55137 [FIN, ACK] Seq=3808 Ack=3162 Win=2097920 Len=0
Len=0
 
764 6.360300  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TCP      54     55137 > https [RST, ACK] Seq=3162 Ack=3808 Win=0 Len=0
Len=0
 
765 6.360335  Application .Net IP      mid tier IP(WS)   Application .Net IP          mid tier IP(WS)          TCP      54     55137 > https [RST] Seq=3162 Win=0 Len=0
Len=0