zoukankan      html  css  js  c++  java
  • wireshark抓包client Certificate

    wireshark抓包之后,过滤语法ip.src==13.230.10.3 or ip.dst==13.230.10.3

    13.230.10.3是服务器的ip

    ip.src==13.230.10.3,用来查看服务器发给客户端的请求

    ip.dst==13.230.10.3,用来查看客户端发给服务器的请求

    服务要求进行client certificate认证,做两次实验,分别是客户端带证书和客户端不附带证书

    不带证书进行请求的话,certificates length是0

    要求客户端证书验证,但是客户端没有提供,最后服务器会中断请求。一个Encrypted Alert

    https://support.f5.com/csp/article/K95610370

    Alert Message: Encrypted Alert. The Content Type: Alert (21) designates a Close Notify. You would need to decrypt the packet for Wireshark to show the Close Notify. None. This is normal and is used by the TLS protocol for notifying the peer that the connection can be closed.

    https://datatracker.ietf.org/doc/html/rfc5246#section-7.2

       decryption_failed_RESERVED(21),

    附带证书进行请求的话,certificates length是1683

  • 相关阅读:
    React-使用combineReducers完成对数据对拆分管理
    Linux
    Linux
    linux
    linux
    Linux
    Linux
    Linux
    Linux
    Linux 系统基础优化和常用命令
  • 原文地址:https://www.cnblogs.com/chucklu/p/15671771.html
Copyright © 2011-2022 走看看