hallo,
ich muss für ein bezahlsystem das SSL-Handshake protokoll mittels PHP + Curl umsetzen. soweit ich das in wireshark sehe, klappt der handshake auch. nur leider tritt danach ein fehler auf den weder ich noch der anbieter verstehen, mgl. ein curl bug oä. deswegen möchte ich mir gerne mittels wireshark anschauen was denn genau da passiert. der Handshake besitzt alle 4 Phasen, also mit Client und Server Certifikat sowie keyfile. wüsste jemand wie ich das mit wireshark (oder nem anderen programm) debuggen kann? finde nur etwas zu keyfile, nichts zu zertifikaten
gruß und danke!
p.s.: ist ein cross-post, weil in einem gut besuchten forum seit gestern niemand geantwortet hat unds ein sehr spezielles thema ist...
pps: weiß einer was "Encrypted Alert" bei einem SSL-Handshake bedeutet?
wireshark ssl log:
ich muss für ein bezahlsystem das SSL-Handshake protokoll mittels PHP + Curl umsetzen. soweit ich das in wireshark sehe, klappt der handshake auch. nur leider tritt danach ein fehler auf den weder ich noch der anbieter verstehen, mgl. ein curl bug oä. deswegen möchte ich mir gerne mittels wireshark anschauen was denn genau da passiert. der Handshake besitzt alle 4 Phasen, also mit Client und Server Certifikat sowie keyfile. wüsste jemand wie ich das mit wireshark (oder nem anderen programm) debuggen kann? finde nur etwas zu keyfile, nichts zu zertifikaten
gruß und danke!
p.s.: ist ein cross-post, weil in einem gut besuchten forum seit gestern niemand geantwortet hat unds ein sehr spezielles thema ist...
pps: weiß einer was "Encrypted Alert" bei einem SSL-Handshake bedeutet?
wireshark ssl log:
ssl_init keys string:
XX.XX.XX.XX,443,tlsv1,C:\Programme\OpenSSL\bin\f.p em
ssl_init found host entry XX.XX.XX.XX,443,tlsv1,C:\Programme\OpenSSL\bin\f.p em
ssl_init addr 'XX.XX.XX.XX' port '443' filename 'C:\Programme\OpenSSL\bin\f.pem' password(only for p12 file) '(null)'
ssl_init private key file C:\Programme\OpenSSL\bin\f.pem successfully loaded
association_add TCP port 443 protocol tlsv1 handle 00000000
association_add could not find handle for protocol 'tlsv1', try to find 'data' dissector
association_find: TCP port 993 found 03A4CAD8
ssl_association_remove removing TCP 993 - imap handle 02962C98
association_add TCP port 993 protocol imap handle 02962C98
association_find: TCP port 995 found 03A4CB18
ssl_association_remove removing TCP 995 - pop handle 03744CB8
association_add TCP port 995 protocol pop handle 03744CB8
dissect_ssl enter frame #28 (first time)
ssl_session_init: initializing ptr 04C02258 size 564
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
dissect_ssl server XX.XX.XX.XX:443
conversation = 04C02080, ssl_session = 04C02258
client random len: 16 padded to 32
dissect_ssl enter frame #30 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record found version 0x0301 -> state 0x11
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 42 ssl, state 0x11
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
ssl_restore_session can't find stored session
dissect_ssl3_hnd_srv_hello can't find cipher suite 0x39
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 777 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 397 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 4 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240
dissect_ssl enter frame #31 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 134 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
dissect_ssl3_handshake found SSL_HND_CLIENT_KEY_EXCHG state 0x13
dissect_ssl3_handshake not enough data to generate key (required 0x17)
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 48 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198
dissect_ssl enter frame #32 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 48 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 240 offset 11 length 4014622 bytes, remaining 59
dissect_ssl enter frame #33 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 976 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 2461 found 00000000
association_find: TCP port 443 found 03C3C428
dissect_ssl enter frame #34 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 32 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 218 offset 5 length 10349475 bytes, remaining 37
dissect_ssl enter frame #35 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 112 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 70 offset 5 length 14914297 bytes, remaining 117
dissect_ssl enter frame #36 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 64 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 121 offset 5 length 14314602 bytes, remaining 69
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 800 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 45 offset 74 length 12776837 bytes, remaining 874
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 432 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 250 offset 879 length 8236840 bytes, remaining 1311
dissect_ssl enter frame #37 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 208 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 158 offset 5 length 12025191 bytes, remaining 213
dissect_ssl enter frame #39 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 912 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 221 offset 5 length 3401459 bytes, remaining 917
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 160 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 158 offset 922 length 16467235 bytes, remaining 1082
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 288 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 67 offset 1087 length 14778176 bytes, remaining 1375
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
dissect_ssl enter frame #40 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 48 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 17 offset 5 length 1135225 bytes, remaining 53
dissect_ssl enter frame #41 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 48 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 0 offset 42 length 12263776 bytes, remaining 90
dissect_ssl enter frame #43 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 320 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 03C3C428
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 976 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 03C3C428
dissect_ssl enter frame #44 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 21
decrypt_ssl3_record: app_data len 32 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl enter frame #46 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 21
decrypt_ssl3_record: app_data len 32 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl enter frame #31 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198
dissect_ssl enter frame #30 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240
dissect_ssl enter frame #46 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 21
dissect_ssl enter frame #28 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl enter frame #41 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 0 offset 42 length 12263776 bytes, remaining 90
dissect_ssl enter frame #43 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 23
association_find: TCP port 443 found 03C3C428
dissect_ssl3_record: content_type 23
association_find: TCP port 443 found 03C3C428
dissect_ssl enter frame #44 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 21
dissect_ssl enter frame #43 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 23
association_find: TCP port 443 found 03C3C428
dissect_ssl3_record: content_type 23
association_find: TCP port 443 found 03C3C428
dissect_ssl enter frame #30 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240
dissect_ssl enter frame #31 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198
dissect_ssl enter frame #30 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240
XX.XX.XX.XX,443,tlsv1,C:\Programme\OpenSSL\bin\f.p em
ssl_init found host entry XX.XX.XX.XX,443,tlsv1,C:\Programme\OpenSSL\bin\f.p em
ssl_init addr 'XX.XX.XX.XX' port '443' filename 'C:\Programme\OpenSSL\bin\f.pem' password(only for p12 file) '(null)'
ssl_init private key file C:\Programme\OpenSSL\bin\f.pem successfully loaded
association_add TCP port 443 protocol tlsv1 handle 00000000
association_add could not find handle for protocol 'tlsv1', try to find 'data' dissector
association_find: TCP port 993 found 03A4CAD8
ssl_association_remove removing TCP 993 - imap handle 02962C98
association_add TCP port 993 protocol imap handle 02962C98
association_find: TCP port 995 found 03A4CB18
ssl_association_remove removing TCP 995 - pop handle 03744CB8
association_add TCP port 995 protocol pop handle 03744CB8
dissect_ssl enter frame #28 (first time)
ssl_session_init: initializing ptr 04C02258 size 564
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
dissect_ssl server XX.XX.XX.XX:443
conversation = 04C02080, ssl_session = 04C02258
client random len: 16 padded to 32
dissect_ssl enter frame #30 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record found version 0x0301 -> state 0x11
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 42 ssl, state 0x11
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
ssl_restore_session can't find stored session
dissect_ssl3_hnd_srv_hello can't find cipher suite 0x39
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 777 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 397 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 4 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240
dissect_ssl enter frame #31 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 134 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
dissect_ssl3_handshake found SSL_HND_CLIENT_KEY_EXCHG state 0x13
dissect_ssl3_handshake not enough data to generate key (required 0x17)
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 48 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198
dissect_ssl enter frame #32 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 48 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 240 offset 11 length 4014622 bytes, remaining 59
dissect_ssl enter frame #33 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 976 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 2461 found 00000000
association_find: TCP port 443 found 03C3C428
dissect_ssl enter frame #34 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 32 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 218 offset 5 length 10349475 bytes, remaining 37
dissect_ssl enter frame #35 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 112 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 70 offset 5 length 14914297 bytes, remaining 117
dissect_ssl enter frame #36 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 64 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 121 offset 5 length 14314602 bytes, remaining 69
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 800 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 45 offset 74 length 12776837 bytes, remaining 874
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 432 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 250 offset 879 length 8236840 bytes, remaining 1311
dissect_ssl enter frame #37 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 208 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 158 offset 5 length 12025191 bytes, remaining 213
dissect_ssl enter frame #39 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 912 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 221 offset 5 length 3401459 bytes, remaining 917
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 160 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 158 offset 922 length 16467235 bytes, remaining 1082
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 288 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 67 offset 1087 length 14778176 bytes, remaining 1375
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
dissect_ssl enter frame #40 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 48 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 17 offset 5 length 1135225 bytes, remaining 53
dissect_ssl enter frame #41 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
dissect_ssl3_record: content_type 22
decrypt_ssl3_record: app_data len 48 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 0 offset 42 length 12263776 bytes, remaining 90
dissect_ssl enter frame #43 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 320 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 03C3C428
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 976 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 03C3C428
dissect_ssl enter frame #44 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 21
decrypt_ssl3_record: app_data len 32 ssl, state 0x13
association_find: TCP port 2461 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl enter frame #46 (first time)
conversation = 04C02080, ssl_session = 04C02258
dissect_ssl3_record: content_type 21
decrypt_ssl3_record: app_data len 32 ssl, state 0x13
association_find: TCP port 443 found 03C3C428
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl enter frame #31 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198
dissect_ssl enter frame #30 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240
dissect_ssl enter frame #46 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 21
dissect_ssl enter frame #28 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl enter frame #41 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 0 offset 42 length 12263776 bytes, remaining 90
dissect_ssl enter frame #43 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 23
association_find: TCP port 443 found 03C3C428
dissect_ssl3_record: content_type 23
association_find: TCP port 443 found 03C3C428
dissect_ssl enter frame #44 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 21
dissect_ssl enter frame #43 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 23
association_find: TCP port 443 found 03C3C428
dissect_ssl3_record: content_type 23
association_find: TCP port 443 found 03C3C428
dissect_ssl enter frame #30 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240
dissect_ssl enter frame #31 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 16 offset 5 length 130 bytes, remaining 139
dissect_ssl3_record: content_type 20
dissect_ssl3_change_cipher_spec
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 27 offset 150 length 4113341 bytes, remaining 198
dissect_ssl enter frame #30 (already visited)
conversation = 04C02080, ssl_session = 00000000
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 38 bytes, remaining 47
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 11 offset 52 length 773 bytes, remaining 829
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 12 offset 834 length 393 bytes, remaining 1231
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 14 offset 1236 length 0 bytes, remaining 1240