Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: [Wireshark-users] Spotting HTTPS handshake problem with Wireshark

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: Mariano Eloy Fernández <mefernandez@xxxxxxxxxx>
Date: Tue, 6 Oct 2009 10:40:40 +0200

Hi,

I am new to Wireshark and I'm trying to analyze the following set up.
There's a problem in a HTTPS communication. The client is authenticating with a valid certificate. The server is giving us a 403 error code.
The server admin has sent me a .cap file captured with Wireshark.
How can I filter all this traffic data to spot the error? There's just too much data in there.

I am used to going through SSL log files generated with Java when javax.net.debug is on.
I usually search for something like "Bad certificate" or "Unkown Certificate" or "No chain".
How can I transform this .cap data into something I can read and understand with Wireshark?

Thanks in advance,

Mariano.
  • Follow-Ups:
    • Re: [Wireshark-users] Spotting HTTPS handshake problem with Wireshark
      • From: Martin Visser
  • Prev by Date: Re: [Wireshark-users] Wireshark Lua question.
  • Next by Date: [Wireshark-users] How to add SNMP MIBs?
  • Previous by thread: Re: [Wireshark-users] Wireshark Lua question.
  • Next by thread: Re: [Wireshark-users] Spotting HTTPS handshake problem with Wireshark
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation