[stunnel-users] Wireshark didn't show TLSv1 traffic?
Bao, Robert
rbao at tycoint.com
Thu Feb 17 17:47:14 CET 2011
Mike,
That worked!
Thank you, good night :)
Robert
-----Original Message-----
From: stunnel-users-bounces at stunnel.org [mailto:stunnel-users-bounces at stunnel.org] On Behalf Of Michal Trojnara
Sent: Thursday, February 17, 2011 11:43 AM
To: stunnel-users at stunnel.org
Subject: Re: [stunnel-users]Wireshark didn't show TLSv1 traffic?
"Bao, Robert" <rbao at tycoint.com> wrote:
> I have "ciphers = AES256-SHA" option in stunnel.conf file. And when the
> server/client established the connection, I see this line in the log
> file:
>
> Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
>
> However when I use Wireshark to sniff the traffic, I only see "TCP" in
> the <Protocol> column for the traffics between the server and the
> client.
>
> Is this normal? What did I do wrong?
Wireshark decodes protocols based on their port numbers. It does not
attempt to guess the protocol type. Whenever you use SSL on a non-standard
port, you need to manually reconfigure Wireshark. On Windows just
right-click on a packet and select "Decode As" to configure non-standard
port as an SSL-based service.
Mike
_______________________________________________
stunnel-users mailing list
stunnel-users at stunnel.org
http://stunnel.mirt.net/mailman/listinfo/stunnel-users
More information about the stunnel-users
mailing list