Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 7776] New: SSL/TLS Server's Client Certificate Request mes

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 1 Oct 2012 04:01:28 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7776

           Summary: SSL/TLS Server's Client Certificate Request message no
                    longer being shown
           Product: Wireshark
           Version: 1.8.2
          Platform: x86
        OS/Version: Windows XP
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: nigel.tedeschi@xxxxxx


Build Information:
Version 1.6.3 (SVN Rev 39702 from /trunk-1.6)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (32-bit) with GTK+ 2.22.1, with GLib 2.26.1, with WinPcap (version
unknown), with libz 1.2.5, without POSIX capabilities, without libpcre, with
SMI
0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.10.3,
with
Gcrypt 1.4.6, with MIT Kerberos, with GeoIP, with PortAudio V19-devel (built
Nov
 1 2011), with AirPcap.

Running on Windows XP Service Pack 3, build 2600, with WinPcap version 4.1.2
(packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch 1_0_rel0b
(20091008), GnuTLS 2.10.3, Gcrypt 1.4.6, without AirPcap.

Built using Microsoft Visual C++ 9.0 build 21022

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
FYI - the same issue appears on version 1.8.2 on other test machines.

We are performing SSL/TLS mutual authentication between a Set Top Box & Apache
server 2.2 in support of TR0-69 protocol. While the Apache server mutual
authentication directives are applied and triggered, wireshare isn't displaying
the server's request for the client certificate message, or the clients
certificate(s) sent in return. I'm sure this feature has worked in the past,
however I cannot remember on which version of the software.

Note I've been using openssl s_client to prove mutual authentication does in
fact work. see example below.

1. opensssl s_client -connect <FQDN>:<PORT> -showcerts -prexit
2. GET /protected/janebloggs/index.html  # note this assumes the resource
/protected/janebloggs/index.html is protected by mutual authentication.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube