| TLS Version 1.2 HANDSHAKE | Back to Home Page |
This page shows the complete packet trace for https://www.mikestoolbox.org, including all open, close, and keep-alive packets, as well as all TCP/IP headers. Access was with TLSClient using TLS 1.2 and TLS_RSA_WITH_AES_128_CBC_SHA. This Cipher Suite is the only mandatory suite required by RFC5246. ASCII representation has been removed.
1 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 00:34:7D:64:40:00:80:06: EB:59:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 42:34:00:00:00:00:80:02:
48 20:00:FD:3F:00:00:
02:04:05:B4:01:03:03:02:01:01:04:02: - (SYN Request)
2 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:34:78:75:40:00:32:06: 3E:49:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 2B:87:95:A4:42:35:80:12:
48 FF:FF:7B:B6:00:00:
02:04:05:B4:01:03:03:03:04:02:00:00: - (SYN ACK)
3 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 00:28:7D:65:40:00:80:06: EB:64:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 42:35:76:F1:2B:88:50:10:
48 40:29:7B:5A:00:00: - (ACK)
After a connection is established, the Client sends it's Random value, it's supported Cipher Suites, and the Extensions that it supports. In this case, the only supported extension is the SNI (Server Name Indication). The purpose of this extension is to allow the server to support more than one domain, along with it's associated Certificates. For this reason, it should always be used.
4 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 00:79:7D:66:40:00:80:06: EB:12:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 42:35:76:F1:2B:88:50:18:
48 40:29:02:27:00:00:
16:03:03:00:4C: - TLS Record Header (len=76)
01:00:00:48: - Client Hello (len=72)
03:03: - SSL Verison 3.3 (TLS V1.2)
56:32:B3:00:5C:CC:9D:69:0D:7F:05:8B:91:EA:FD:11: - Client Random
1C:43:44:51:89:B5:5D:CE:AB:A7:22:39:B4:18:BE:27:
00: - Session ID Length (0)
00:02: - Supported Cipher Suite Length (2)
00:2F: - TLS_RSA_WITH_AES_128_CBC_SHA
01: - Compression Support Length (1)
00: - Compression Support None
00:1D: - Extension Length (29)
00:00: - Type (Server Name)
00:19: - Length (25)
00:17: - Server Name Indication Length (23)
00: - Server Name Type (host_name)
00:14: - Name Length (20)
77:77:77:2E:6D:69:6B:65:73:74:6F:6F:6C:62:6F:
78:2E:6F:72:67: - www.mikestoolbox.org
5 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:28:AF:11:40:00:32:06: 07:B9:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 2B:88:95:A4:42:35:50:10:
48 FF:FF:BB:83:00:00:
00:00:D1:96:3A:A0: - (Keep Alive)
The server responds with it's own Random value, a Session ID, the Cipher Suite chosen from those offered by the client, and the extensions supported chosen from those offered by the client. In this case there is only 1 Cipher Suite and 1 extension offered by the Client. If the Client had offered a SessionTicket extension and the Server supported it, no Session ID would have been provided and a New Session Ticket would be sent by the Server just prior to sending the Server Finished message. In addition, the Certificate Chain is sent. In theory, the receiver is supposed to verify the signatures. The Signature was created by the Server using the Private Key, so we can decrypt it using the Public Key and compare it to a Hash of Part 1 of the certificate (obviously not including the signature part). This Hash is not the same as the Thumbprint, which is a hash of the entire Certificate, including the Signature. This is true of a single self-signed certificate, but for a Certificate purchased from a Certificate Authority, the certificate is signed with the Private Key from the CA. Browsers come complete with the Root Certificates from the well known and trusted providers. For verifying signatures, the Public Key from the provider must be used instead of the Public Key from the server. For self-signed Certificates that use a self-signed Root Certificate so that they can service multiple web sites, the Public Key can be obtained from the Handshake Certificate record below, or the Root Certificate can be imported by some other means into the Trusted Root Store.
6 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 05:DC:DC:05:40:00:32:06: D5:10:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 2B:88:95:A4:42:86:50:10:
48 FF:FF:48:7A:00:00:
16:03:03:00:50: - TLS Record Header (len=80)
02:00:00:4C: - Server Hello (len=76)
03:03:: - SSL Verison 3.3 (TLS V1.2)
74:54:D1:AB:0F:42:2F:6C:1A:E2:C7:1B:17:3B:0A:39: - Server Random
96:24:C4:FD:F8:6C:51:E1:2B:BE:E0:91:21:18:57:57:
20: - Session ID length (32)
6B:B0:1C:BB:72:61:00:55:08:8C:73:00:00:01:19:0E: - Session ID
CC:E9:82:76:4A:E7:FD:EF:D4:B0:72:D9:3E:FD:8F:04:
00:2F: - TLS_RSA_WITH_AES_128_CBC_SHA
00: - Compression Length (0)
00:04: - Extension Length (4)
00:00: - Type (Server Name)
00:00: - Length (0)
16:03:03:07:07: - TLS Record Header (len=1,799)
0B:00:07:03: - Certificate Data (len=1,795)
00:07:00: - All Certs (len=1,064)
00:03:A8: - Cert 1 (len=936)
30:82:03:A4:30:82:02:8C:A0:03:02:01:02:02:04:4D:
82:CF:3E:30:0D:06:09:2A:86:48:86:F7:0D:01:01:05:
05:00:30:47:31:0B:30:09:06:03:55:04:06:13:02:55:
53:31:17:30:15:06:03:55:04:0A:0C:0E:4D:69:6B:65:
27:73:20:54:6F:6F:6C:62:6F:78:31:1F:30:1D:06:03:
55:04:03:0C:16:4D:69:6B:65:27:73:20:54:6F:6F:6C:
62:6F:78:20:54:65:73:74:20:43:41:30:1E:17:0D:31:
31:30:33:31:38:30:33:31:39:32:32:5A:17:0D:31:36:
30:33:31:38:30:33:31:39:32:32:5A:30:45:31:0B:30:
09:06:03:55:04:06:13:02:55:53:31:17:30:15:06:03:
55:04:0A:0C:0E:4D:69:6B:65:27:73:20:54:6F:6F:6C:
62:6F:78:31:1D:30:1B:06:03:55:04:03:0C:14:77:77:
77:2E:6D:69:6B:65:73:74:6F:6F:6C:62:6F:78:2E:6F:
72:67:30:82:01:22:30:0D:06:09:2A:86:48:86:F7:0D:
01:01:01:05:00:03:82:01:0F:00:
30:82:01:0A: - SEQUENCE (len=266)
02:82:01:01: - PUBLIC KEY (len=257)
00: - NULL
************ (Server Public Key) **************
BF:93:92:BE:7C:82:7E:C4:BF:08:12:5E:9F:D4:75:F2:
8F:10:1C:09:D0:99:E8:B7:33:68:38:D0:97:C9:01:13:
7D:5D:12:D6:19:61:A1:34:B3:DA:AE:66:8E:B0:6E:FC:
36:D4:A7:62:AD:65:66:E1:BB:0D:92:96:30:D6:67:DE:
2E:8A:81:F0:75:B2:FE:90:E2:F2:7D:BA:73:74:34:84:
64:D5:22:2E:08:0F:F0:99:F3:DA:6F:72:6B:E6:61:C4:
DD:DC:06:3E:72:E6:0D:FA:7D:78:99:7B:B4:E8:48:9F:
29:E2:7D:E8:53:6C:A8:D9:B5:6F:BF:CC:71:69:1D:14:
A3:94:6B:E2:76:97:9B:31:5C:F0:FF:32:3D:47:7E:95:
CD:C5:8A:92:5D:D0:C9:5D:9D:75:0F:E9:3A:48:F8:A4:
FA:25:0A:60:7A:38:D0:20:18:77:00:82:2A:7A:42:13:
1F:CC:AB:AB:A8:93:E1:62:5B:48:89:CF:F1:45:85:04:
8C:F5:8A:04:B5:C8:8A:DB:A1:60:29:4F:06:42:8B:B9:
B7:DB:3D:15:74:40:9C:32:8A:E8:69:01:BD:CE:81:48:
65:7E:53:D9:CC:9A:A6:67:B6:6E:5F:5E:9A:96:AD:5D:
C8:14:E9:D9:38:3B:08:3B:C5:27:FA:3A:FC:13:61:FD:
***********************************************
02:03: - Exponent length (3)
01:00:01: - Exponent (65,537)
A3:81:99:30:81:96:30:0E:06:03:55:1D:0F:01:01:FF:
04:04:03:02:05:A0:30:13:06:03:55:1D:25:04:0C:30:
0A:06:08:2B:06:01:05:05:07:03:01:30:2F:06:03:55:
1D:11:04:28:30:26:82:12:2A:2E:6D:69:6B:65:73:74:
6F:6F:6C:62:6F:78:2E:6F:72:67:82:10:6D:69:6B:65:
73:74:6F:6F:6C:62:6F:78:2E:6F:72:67:30:1F:06:03:
55:1D:23:04:18:30:16:80:14:23:A8:AF:F6:06:58:DF:
FB:58:4F:F1:08:2C:09:4F:C0:A1:F7:D2:AA:30:1D:06:
03:55:1D:0E:04:16:04:14:EB:3E:6C:12:ED:9A:30:B8:
A9:AB:7B:EE:E4:EE:03:7A:DC:6F:61:1E:30:0D:06:09:
2A:86:48:86:F7:0D:01:01:05:05:00:
03:82:01:01: - SEQUENCE (len=257)
00: - NULL
************* (Server Signature) **************
53:14:D3:8C:00:84:65:C6:B4:12:1D:23:2A:DF:1F:04:
1C:46:A8:BC:59:36:33:6A:B9:D1:4B:4F:17:AC:B8:14:
1B:60:31:43:70:4B:A5:57:F4:6C:01:E5:65:51:5D:55:
4B:EB:E9:1F:D4:3B:F9:8D:A1:01:5E:F4:10:C7:11:CA:
08:B9:45:EF:1E:65:1D:FC:2F:39:02:25:5D:0F:2F:4C:
6B:60:00:E9:34:67:96:63:E9:F5:27:E6:B1:9D:39:44:
D2:7F:40:8F:B5:63:7A:6B:A5:86:2D:86:4C:D9:37:EE:
CE:94:0B:C1:16:45:4C:12:D0:6F:2B:6C:37:3D:A2:BE:
4E:04:30:7C:64:F1:49:B2:22:A4:E6:BF:BF:54:ED:3C:
2A:8D:85:D1:17:E0:06:22:15:BF:2F:64:0E:D2:44:F3:
7C:77:F3:EF:55:2F:BB:A9:53:7E:23:57:DD:73:71:E1:
95:C7:1A:25:27:B0:8A:F2:77:20:7C:7C:B6:1F:32:54:
D5:C7:92:68:D0:35:6C:CC:E1:12:86:A2:93:EC:E2:A3:
85:6C:01:56:6A:92:97:06:8E:1D:BD:FA:58:E2:E5:B4:
3F:A2:70:5C:51:E7:5F:87:67:AE:D8:AD:A0:81:B4:37:
A0:EE:1C:DF:B1:C8:AF:B6:7D:A8:4D:65:AA:CB:BF:63:
***********************************************
00:03:52: - Cert 2 (len=850)
30:82:03:4E:30:82:02:36:A0:03:02:01:02:02:04:4D:
82:CF:3A:30:0D:06:09:2A:86:48:86:F7:0D:01:01:05:
05:00:30:47:31:0B:30:09:06:03:55:04:06:13:02:55:
53:31:17:30:15:06:03:55:04:0A:0C:0E:4D:69:6B:65:
27:73:20:54:6F:6F:6C:62:6F:78:31:1F:30:1D:06:03:
55:04:03:0C:16:4D:69:6B:65:27:73:20:54:6F:6F:6C:
62:6F:78:20:54:65:73:74:20:43:41:30:1E:17:0D:31:
31:30:33:31:38:30:33:31:39:32:32:5A:17:0D:31:36:
30:33:31:38:30:33:31:39:32:32:5A:30:47:31:0B:30:
09:06:03:55:04:06:13:02:55:53:31:17:30:15:06:03:
55:04:0A:0C:0E:4D:69:6B:65:27:73:20:54:6F:6F:6C:
62:6F:78:31:1F:30:1D:06:03:55:04:03:0C:16:4D:69:
6B:65:27:73:20:54:6F:6F:6C:62:6F:78:20:54:65:73:
74:20:43:41:30:82:01:22:30:0D:06:09:2A:86:48:86:
F7:0D:01:01:01:05:00:03:82:01:0F:00:
30:82:01:0A: - SEQUENCE (len=266)
02:82:01:01: - PUBLIC KEY (len=257)
00: - NULL
*************** (CA Public Key) ***************
AD:66:7B:B3:9E:D0:B2:8D:92:2B:43:4B:98:E8:C7:71:
69:8A:6B:A9:6C:20:54:8C:EE:18:B8:D6:23:A3:61:BB:
ED:A5:F7:F9:E0:03:19:27:8C:B3:84:D9:BD:AA:83:5C:
40:4B:94:63:58:0A:EF:01:EF:FA:E5:A0:41:AA:A0:80:
F9:62:B2:98:8F:13:28:15:66:5B:B9:C3:F0:9A:BA:C8:
88:60:98:76:8C:22:32:A5:99:26:D1:6A:F2:A2:BC:41:
73:FE:A6:64:89:E5:09:00:8A:60:E4:57:62:7F:DE:C5:
D8:BB:00:E2:BE:41:71:C6:08:84:07:38:28:2C:25:E8:
39:69:BD:F0:82:A6:1C:7C:69:4E:36:69:93:5A:F8:95:
E8:08:6C:7D:00:3F:36:9F:FE:CB:92:AE:8B:15:8D:56:
5B:8E:6A:E9:A7:38:AB:7B:21:A1:F2:C8:2D:35:18:4A:
7 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:28:A5:05:40:00:32:06: 11:C5:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 2B:88:95:A4:42:86:50:10:
48 FF:FF:BB:32:00:00:
00:00:4F:97:C6:CE:
8 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 00:28:7D:67:40:00:80:06: EB:62:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 42:86:76:F1:31:3C:50:10:
48 40:29:75:55:00:00:
9 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 01:F4:6F:5E:40:00:32:06: 45:A0:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 31:3C:95:A4:42:86:50:18:
48 FF:FF:60:6E:00:00: - Cert 2 Cont.
10:82:BD:C6:88:75:96:6B:3A:25:F5:B4:8D:F4:E9:83:
E2:68:F5:AF:F2:02:BF:21:9A:1F:E8:81:D3:41:BD:36:
19:EB:A6:B1:5B:7F:7C:1F:8B:63:61:94:EC:D1:CB:2A:
61:B9:0A:04:12:60:C4:BD:18:7C:42:CF:E6:1C:60:2E:
D4:20:46:2A:4E:FE:1F:98:FF:CC:24:93:22:25:49:35:
***********************************************
02:03: - Exponent length (3)
01:00:01: - Exponent (65,537)
A3:42:30:40:30:0F:06:03:55:1D:13:01:01:FF:04:05:
30:03:01:01:FF:30:0E:06:03:55:1D:0F:01:01:FF:04:
04:03:02:01:06:30:1D:06:03:55:1D:0E:04:16:04:14:
23:A8:AF:F6:06:58:DF:FB:58:4F:F1:08:2C:09:4F:C0:
A1:F7:D2:AA:30:0D:06:09:2A:86:48:86:F7:0D:01:01:
05:05:00:
03:82:01:01: - SEQUENCE (len=257)
00: - NULL
**************** (CA Signature) ***************
95:F8:99:81:A8:DA:40:30:21:95:40:7F:16:20:82:21:
3D:06:BE:39:F9:45:8F:E2:D1:8E:3A:48:7E:E8:B0:6D:
60:84:2A:2A:0B:10:A7:EB:6B:2C:AA:D6:DE:82:65:56:
77:D7:D9:2B:40:8F:03:A7:3D:68:DA:97:DD:C8:50:7F:
3E:50:76:52:BA:B5:E2:B0:D8:7C:55:1D:63:8C:11:DB:
90:14:71:24:28:97:43:40:3A:9C:70:CA:5D:1C:30:97:
E0:E7:14:34:CB:74:04:49:C5:EE:E5:D4:B7:37:58:F4:
25:9D:3F:6E:0F:F4:3D:68:E1:FA:FD:CD:E8:CD:68:61:
16:6C:4B:7B:70:40:B4:0B:CD:D9:FC:29:E9:9D:CF:3B:
6A:34:58:B6:E5:F9:0A:10:6B:43:15:A1:28:27:29:F1:
86:F8:1A:F4:42:6E:89:E0:46:6D:95:52:10:2A:10:56:
7A:9E:90:81:F4:FE:52:3B:64:14:94:BB:BC:C1:2E:55:
7C:F6:E3:DF:FA:92:05:4A:A1:9D:2F:9F:30:19:27:A9:
C4:D7:A6:76:83:2D:32:4D:74:E2:12:01:3D:23:B6:AE:
E5:9B:8F:FC:C5:76:EB:20:74:2F:4E:59:AB:E1:56:81:
9A:B2:EC:74:D7:55:E9:D4:C7:8E:92:7A:DD:11:7D:4D:
***********************************************
16:03:03:00:11: - TLS Record Header (len=17)
0D:00:00:0D: - Certificate Request (len=13)
02:01:02:00:06:04:01:05:01:02:01:00:00:
16:03:03:00:04: - TLS Record Header (len=4)
0E:00:00:00: - Server Done
The Certificate is normally followed by a Server Done message. In this case however, a Certificate Request was also made, which includes a list of the type of Certificates that the Server will accept. Most Clients do not have any Certificates, and TLS 1.2 requires the Client to respond with a NULL list which you will see later. NOTE: Microsoft servers do not return a record header for each message. The Server Hello messages are all sent under a single record header. Next, the Client will respond with the Client Key Exchange record. In this case the Client has included it's own Certificate list (zero length) as part of the same record. The Key Exchange message is a 48 byte random number: 03 03 1E 18 A3 94 64 0E AF 13 8C 2B A4 BA 20 21 F1 4E BC A1 FA F0 FD 83 8B 8E 08 59 7D DD A3 2C A9 C0 57 63 01 5E A8 92 E5 76 59 B4 DD 53 EA 53encrypted with the Server Public Key received earlier by the Client. This message will always be at least the length of the key itself (2048 bit/256 byte), and will always be different even with the same random number. This is due to the nature of the padding used in RSA encryption.
10 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 01:85:7D:68:40:00:80:06: EA:04:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 42:86:76:F1:33:08:50:18:
48 3F:B6:F7:19:00:00:
16:03:03:01:0D: - TLS Record Header (len=269)
0B:00:00:03: - Certificate Data (len=3)
00:00:00: - All Certs (len=0)
10:00:01:02: - Client Key Exchange (len=258)
01:00: - Length (256)
******** (Encrypted Pre-Master Secret) ********
5A:FD:F3:E6:31:14:6A:7A:54:0B:AF:6B:69:5A:1F:11:
B0:7C:E1:B3:A8:9E:8E:6E:DE:08:C2:CA:DD:F9:DB:C6:
FD:EB:84:DF:CD:59:44:09:38:65:A2:2F:1C:49:BF:1B:
24:C6:9E:DA:A3:34:68:25:A4:72:EA:14:89:D9:57:32:
A2:49:FC:1C:BC:19:CC:1A:2E:65:1F:9F:91:2B:49:78:
00:64:F2:F4:7D:61:E2:5B:76:7A:9F:0F:70:D3:E3:66:
FE:A6:06:DF:60:A0:45:00:E8:57:1A:03:78:68:CF:CC:
74:17:4D:DF:01:C2:10:2D:59:8A:B7:A5:2C:87:7A:18:
14:89:EC:F5:92:13:89:C1:03:74:6A:D5:53:0B:D8:08:
73:FB:06:C3:F2:FB:FF:E1:F8:88:18:49:EA:78:6C:A0:
39:44:51:D4:63:ED:8F:6C:14:B8:A2:C0:74:A0:EF:3D:
DD:CC:55:03:88:D9:F0:EE:3B:85:1A:AE:73:B0:14:8A:
D4:11:6A:06:45:6A:EB:36:AA:21:BA:F2:30:54:83:14:
DE:32:B3:29:FF:6C:CF:6E:98:91:07:D6:ED:A7:C8:BB:
64:42:98:C5:C2:5E:E4:36:B1:9C:2F:41:4B:F2:94:27:
12:2A:14:95:20:B8:65:0E:C6:41:12:0E:A7:F5:65:C2:
***********************************************
14:03:03:00:01: - Change Cipher Spec (len=1)
01:
16:03:03:00:40: - TLS Record Header (len=64)
************** (Client Finished) **************
C4:9B:B8:FA:15:06:74:31:32:4F:4F:88:02:DE:67:FB:
BE:BD:4F:F1:49:1E:3A:86:5D:DA:81:7B:36:AB:A9:DE:
F8:B1:50:1A:42:18:B1:1C:CB:AA:1F:63:A6:69:58:BD:
BC:4E:6B:77:B4:F2:83:07:33:04:1D:75:F1:3A:87:DB:
***********************************************
As part of the Client Key Exchange record, the Client also sends a Change Cipher Spec to indicate that all further messages will be encrypted. At this point the Client has enough information to create the necessary keys. CLIENT_RANDOM: 56 32 B3 00 5C CC 9D 69 0D 7F 05 8B 91 EA FD 11 1C 43 44 51 89 B5 5D CE AB A7 22 39 B4 18 BE 27 SERVER_RANDOM: 74 54 D1 AB 0F 42 2F 6C 1A E2 C7 1B 17 3B 0A 39 96 24 C4 FD F8 6C 51 E1 2B BE E0 91 21 18 57 57 PRE_MASTER_KEY: 03 03 1E 18 A3 94 64 0E AF 13 8C 2B A4 BA 20 21 F1 4E BC A1 FA F0 FD 83 8B 8E 08 59 7D DD A3 2C A9 C0 57 63 01 5E A8 92 E5 76 59 B4 DD 53 EA 53 These are used to create: MASTER_KEY: 1D D6 17 E7 70 C3 32 35 E9 F5 A7 4D 75 4C 35 68 BA 10 E8 BE CA 41 E8 85 79 F3 10 9B E6 03 14 65 E4 44 CD D0 FD EC AC 4E BE 06 7B FF 3F EC 39 13 WRITE_MAC KEY: 63 62 57 B8 EE 53 F9 7F 37 4F 0A 24 B0 5E 86 04 A3 FB A8 FA READ_MAC KEY: 0A 8E 88 F1 1F 51 12 FA 80 05 9A 79 72 A1 32 18 46 7A D4 B5 WRITE_KEY: 03 2C 9E EA 56 F4 C9 6F AC 12 01 47 82 BB FE F8 READ_KEY: 63 4C 69 C0 A4 1E 24 40 11 F8 CA 37 21 47 9A 92 WRITE_IV: 06 68 62 BE 20 46 10 12 AE 3B 36 F7 12 47 DA FD READ_IV: DF 9D E1 74 68 60 55 19 26 02 3B 6E EB 88 18 82 Using those keys, the Client Finished message: is encrypted and sent to the Server as above. The Explicit IV is 16 bytes long because that is the block size of the AES128 algorithm. The Finished record consists of a 4 byte header and a 12 byte PRF of the Session Hash (SHA256) to date. All current Cipher Suites supported in TLS 1.2 use a 16 byte Finished record, but that could change for new suites. The HMAC is 20 bytes long because that is the length of the specified Hash (SHA).
11 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:28:F3:78:40:00:32:06: C3:51:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 33:08:95:A4:43:E3:50:10:
48 FF:FF:B2:55:00:00:
00:00:1D:F3:56:80:
The Server now sends it's own Change Cipher Spec and Server Finished record.
12 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:73:AA:3C:40:00:32:06: 0C:43:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 33:08:95:A4:43:E3:50:18:
48 FF:FF:43:26:00:00:
14:03:03:00:01: - Change Cipher Spec (len=1)
01:
16:03:03:00:40: - TLS Record Header (len=64)
************** (Server Finished) **************
F5:6B:D0:49:F4:B2:6D:82:4F:EA:B3:D8:25:19:F3:56:
84:1E:5F:AB:A2:66:AD:37:FD:BB:72:77:BD:D7:A9:35:
26:BB:9A:7F:53:50:6C:9A:25:A4:51:1E:B7:75:22:6A:
7C:D6:0B:37:7A:0B:F6:87:14:5E:88:9C:6A:28:B4:AA:
***********************************************
The Finished message consists of: 37 08 AD E0 81 99 C3 3F 11 49 DF 81 DA 97 B7 21 - Explicit IV 14 00 00 0C AD FD 3C 9B 10 35 C9 A3 78 86 BC 3E - Finished record 5D 9A E0 60 0B 4C 4E 85 E9 8E CD 60 FD 31 15 CB - HMAC B4 BC A3 43 0B - Padding Length:(11) At this point, the TLS Hanshake is complete and the encrypted Application Data is now sent. All the subsequent packets are shown here for for completion, and the decrypted output is shown at the bottom of this page.
13 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 01:9D:7D:69:40:00:80:06: E9:EB:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 43:E3:76:F1:33:53:50:18:
48 3F:A3:14:DF:00:00: - App Data Starts Here!
17:03:03:01:70: - TLS Record Header (len=368)
C4:9B:B8:FA:15:06:74:31:32:4F:4F:88:02:DE:67:FB:
A7:7F:7F:A0:92:63:5B:B8:2F:D4:27:A0:87:6C:BD:9B:
DD:AC:1E:85:30:7F:67:A4:68:40:89:36:7F:01:46:B0:
FF:BA:65:F4:FB:D0:EC:54:18:DF:5A:EC:25:6C:3D:52:
0D:68:BC:0F:82:7D:01:BF:4A:AD:1A:4F:43:DA:59:5F:
1A:02:2A:D0:15:93:2D:26:46:AB:19:27:25:F6:49:DC:
13:A5:3A:98:29:87:89:0D:87:62:D8:F7:7A:F2:3B:35:
86:59:CF:CA:D0:36:D5:E2:FB:FA:65:B3:CC:DF:19:F7:
21:77:96:21:38:BB:E1:F2:FF:A6:FE:F1:80:5F:3F:4F:
87:60:51:B0:61:1D:FD:24:5C:EA:58:02:2A:F0:84:56:
32:B7:B8:60:73:5C:75:CF:C7:19:C3:7E:9A:6F:F6:85:
CD:BE:C8:4F:B4:BE:37:DF:D7:3D:4F:96:C0:41:82:ED:
D8:5E:32:BB:B6:B5:86:96:26:99:D9:43:8D:87:4A:9E:
0D:05:14:8C:72:65:25:0A:66:2E:3E:40:66:9F:6B:8A:
36:0E:91:EF:EF:6F:CF:99:8A:5B:54:D8:79:50:E3:C1:
DF:50:70:49:BA:4A:6A:D1:D0:93:89:19:DE:BB:76:97:
88:D5:1E:85:7A:60:B0:15:14:BD:B7:F7:20:51:87:D1:
4C:73:DA:7B:9B:C2:F3:35:39:C9:5E:96:D2:F9:28:15:
93:63:7D:BB:8F:5A:EC:33:A9:49:4F:84:E3:63:91:F4:
35:5C:59:39:A7:38:D2:54:1D:60:22:1D:36:23:BE:4C:
7B:D1:BD:02:8B:FC:B5:DF:40:B9:7D:69:27:17:60:BD:
6D:86:86:E9:7F:EF:BF:DA:D5:F3:9A:E6:A1:DA:35:B6:
E4:32:6B:E4:72:26:C2:6D:8E:44:24:C3:A2:59:D0:AF:
14 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:28:A8:60:40:00:32:06: 0E:6A:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 33:53:95:A4:45:58:50:10:
48 FF:FF:B0:95:00:00:
00:00:BC:92:87:DC:
15 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 05:DC:DD:4F:40:00:32:06: D3:C6:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 33:53:95:A4:45:58:50:10:
48 FF:FF:CB:51:00:00:
17:03:03:08:A0:
43:7B:6D:F4:48:
7F:0C:54:54:41:7F:8F:CB:E7:0B:02:24:5A:49:71:91:
E9:8D:ED:0E:F4:49:3B:49:C3:8D:9D:16:4E:90:0F:64:
E5:18:6D:B4:2C:16:28:F2:7F:17:96:1E:5E:5D:52:78:
37:CC:E3:AA:8E:E2:36:2D:3D:E5:E1:3E:2E:EF:98:66:
45:DD:ED:47:7C:11:6B:A0:FA:3D:C6:38:19:32:05:99:
93:01:14:E9:1E:88:9A:89:F8:1A:DC:33:A5:36:32:B9:
61:9A:79:38:DC:1D:6D:8C:AD:C2:24:E3:C7:56:3D:A2:
D1:AA:55:0A:FB:69:28:4D:48:69:50:C1:C5:A6:BF:D2:
E5:03:6A:E1:E2:CD:D9:1B:77:F0:55:86:36:87:BB:C5:
91:1B:5F:A8:FF:9E:CA:79:72:69:35:C9:3B:ED:CD:FB:
53:BC:AD:93:5A:63:4E:79:70:40:28:7F:50:EC:90:84:
1F:B7:76:51:81:9A:FB:EA:8F:EB:91:AA:8E:F8:C9:D2:
D0:F1:8E:A6:28:2F:6B:67:57:C8:D8:D4:7D:BD:33:22:
FB:42:AC:B5:F6:EB:6A:B4:ED:93:02:28:E8:FF:D5:C9:
39:3A:00:A0:BA:C1:21:33:DF:A9:22:89:B9:5C:1A:7B:
F6:00:FC:F2:B0:B5:7E:7C:DB:17:39:32:96:72:F3:35:
A5:98:A4:8C:18:52:0E:BB:FA:F6:E4:05:F0:D9:DB:E6:
2F:A7:E8:56:A5:DD:3E:70:C1:C9:C9:B6:C6:F3:AF:3E:
B0:1F:91:6D:AE:85:A3:D3:16:EF:1A:65:64:D8:E0:0E:
B7:31:B8:6D:BE:6C:1D:65:7C:B5:BF:BF:A5:93:7E:D8:
1A:AB:61:16:A5:BA:7D:4C:86:74:A9:28:EA:AC:F0:D8:
22:66:80:9A:71:5C:5C:D6:2C:CB:B5:9A:0C:5C:07:63:
F0:21:0E:4F:F4:F3:B1:28:AD:CC:D3:D0:50:D9:1C:10:
99:3F:71:AE:D1:B1:88:B8:EB:5D:F3:30:28:5D:21:47:
D9:3A:52:C3:A8:B4:19:E9:24:DE:03:50:53:5E:3A:EC:
80:E1:D6:93:1C:55:7D:1C:E6:5E:6C:41:82:AE:F4:CD:
1A:8D:E6:79:92:4D:C6:C8:90:7D:52:E4:66:04:31:41:
81:D8:80:8E:29:F2:B4:2B:84:1B:7A:CB:41:B6:E8:42:
29:12:4E:76:D6:DA:B9:AD:90:8A:B7:68:DA:AE:29:DB:
55:EA:4D:10:8B:6D:66:61:9D:28:89:0B:B9:57:1B:0A:
06:C5:15:57:00:CC:95:A4:67:3B:80:DE:CE:C2:0E:23:
1F:39:0C:4E:1D:5B:2B:8C:AD:AD:17:44:71:79:12:C3:
D0:61:61:39:D3:10:A4:50:8C:06:A2:B7:F8:6A:0B:5E:
09:01:CF:5B:9F:45:99:07:1C:76:D7:00:44:88:87:86:
00:7D:5F:F8:3F:23:88:59:79:F1:1F:36:96:6D:A6:41:
C3:68:F6:19:5B:66:EA:F3:82:90:66:9A:A0:56:55:CD:
2D:7E:A1:0C:3B:73:1E:41:D6:C1:F8:23:6C:0C:EF:B7:
A4:18:06:8D:62:62:0D:54:D8:56:4C:B0:1A:B7:A5:C4:
B9:6D:70:43:B3:F9:CD:2E:6C:FF:11:D2:8D:54:70:0E:
BE:2E:C7:00:9F:36:49:1B:8C:BB:8B:31:CB:BB:8B:8C:
0C:5B:D1:20:3A:A7:C5:C7:BF:E1:2E:F2:CC:F4:F1:5A:
26:FA:65:61:77:C2:C0:95:78:80:EF:17:C6:C6:3B:73:
0C:28:66:7F:6A:DF:48:8F:18:64:49:55:CB:15:0F:E1:
BE:FC:12:09:DE:80:15:DC:5F:88:FE:FA:76:61:5C:4F:
CF:B6:81:FB:F9:84:79:AC:FC:13:D6:F0:96:29:41:E2:
9A:C7:A3:16:17:19:11:E1:DB:A8:94:A0:59:E7:44:A1:
9D:95:60:25:B4:9E:3E:D1:EE:09:4D:27:F6:06:2F:A9:
9E:58:3E:6D:E3:8C:FA:DB:7F:86:7B:29:51:40:D8:59:
30:92:66:25:9F:00:00:BC:FE:0A:56:70:E7:89:4B:00:
7B:6B:C4:94:9D:A7:37:CF:6A:64:59:FC:67:A9:10:34:
10:5E:5B:B0:60:69:47:C5:0B:5C:4F:B7:CB:6F:81:BA:
62:2D:D5:F4:A8:B0:36:2F:69:FA:E3:90:1D:96:F4:5A:
3C:60:74:06:CA:F4:FC:48:19:86:BE:98:5F:C1:E9:16:
2E:5A:74:F5:7B:9F:66:B0:F6:2F:1C:A2:F3:6E:D0:8A:
5A:9E:CB:13:E4:E0:44:60:3D:41:FE:B2:E2:C8:EE:1F:
39:DF:D8:06:05:70:41:9C:8C:2E:71:2E:46:97:C2:C9:
04:5D:2D:F1:3B:D9:C6:2D:A2:F5:14:45:7D:35:E9:8F:
52:21:1D:18:9D:13:93:BC:47:84:35:F2:1A:50:75:3A:
C9:3B:95:4F:F7:51:6A:F5:37:A5:04:A2:3B:BF:44:BC:
08:14:77:96:A5:44:F7:90:B1:67:C7:79:F8:7C:AA:F3:
99:87:94:8C:CE:31:92:03:EF:65:D6:CB:3D:08:19:FE:
86:8B:59:E8:E2:B6:45:76:93:72:6E:5C:5B:5F:24:E7:
BB:8F:52:05:F2:3B:D0:F3:FE:3B:EC:37:F5:4B:32:F7:
0A:94:E9:15:84:95:F7:72:B0:2B:15:51:C1:C4:5D:87:
C5:61:23:6C:79:26:AD:59:BD:94:F2:CA:C3:0E:0A:D9:
69:F1:FC:F4:15:57:0C:E4:24:A7:DE:81:EF:4E:DD:EB:
BF:70:EC:3C:E5:2A:D4:C6:18:FB:01:CB:DB:2C:70:6B:
FE:64:16:88:A6:B8:E3:8D:03:69:A0:B1:E7:C2:AD:7D:
02:8F:74:89:54:84:A5:C3:1D:16:BE:0F:27:0E:8A:47:
A1:B2:A7:D0:04:83:88:FC:32:8E:10:38:34:C1:DD:D0:
B1:69:5D:42:3F:A2:B9:6F:5C:B6:7B:37:BA:50:F1:A1:
47:27:11:EF:2C:05:C1:94:1B:EB:3B:1E:2E:22:2E:9B:
0F:CA:A6:DE:32:4A:3A:21:7B:22:3F:33:7D:55:74:E4:
F0:F9:22:28:91:05:D9:41:B1:46:9E:BD:37:BE:64:E1:
B5:8A:49:9E:BA:C5:2C:1C:B3:DA:53:4F:E6:44:EF:AF:
73:1F:53:15:40:DB:35:22:89:AD:7F:A1:59:2C:B1:D4:
45:5C:3E:25:89:E8:01:46:B0:96:96:9A:DD:AE:61:1D:
F7:E0:09:58:C5:65:4E:BD:4B:50:D7:F5:93:EC:60:86:
80:81:7E:64:36:45:C8:22:EC:78:09:C6:1F:A7:E0:1B:
02:7E:8E:76:54:5D:CD:67:69:55:CD:5B:2D:28:51:A6:
8B:3D:E4:BF:92:27:DC:E3:35:26:41:6C:3C:D0:EB:CB:
DC:04:11:61:85:23:31:63:57:15:26:BD:3F:CA:44:4B:
C1:50:B4:E3:EA:40:D5:56:51:3E:C1:C5:1D:EC:3B:91:
5B:E8:EC:5B:DB:AC:09:7C:F3:16:3A:87:34:30:43:C9:
4D:A3:63:D8:BE:A7:76:3A:B2:F3:FC:D4:D5:FC:BE:67:
87:8C:45:F4:87:03:BD:77:A3:73:5E:4F:9D:39:46:77:
EF:2F:53:8F:E6:E5:FD:0E:44:82:FF:8F:77:EC:D0:4D:
64:3D:AC:70:1F:19:E2:26:42:26:D3:1A:8E:15:34:FB:
18:09:C3:45:B4:38:0B:21:87:28:71:94:BB:8F:7C:01:
F6:0D:BD:7A:27:37:FF:D5:47:16:2A:44:91:B3:04:D2:
41:FD:4F:51:4F:06:C7:69:03:1C:
16 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 03:19:CB:68:40:00:32:06: E8:70:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 39:07:95:A4:45:58:50:18:
48 FF:FF:89:DA:00:00:
FD:89:AE:F9:50:F9:E1:8B:70:7B:
5B:0B:86:10:92:42:BE:5B:35:5D:C5:B9:82:53:B6:7A:
19:51:4C:84:E0:AF:CE:88:E1:69:90:3E:5B:7E:34:57:
4A:1B:83:95:BB:A0:A7:8D:A4:0B:FB:26:A7:E6:06:29:
AF:68:CF:00:00:AF:84:1C:5C:D9:C5:FE:C3:C0:FA:42:
6E:E8:4A:A0:CD:38:B3:87:94:44:C1:11:E8:E5:D0:21:
F6:FB:FD:FB:2F:EE:E0:63:40:5B:1D:93:28:66:41:FA:
92:ED:5C:89:9A:F7:3F:E8:0C:B5:18:FA:92:57:FC:71:
05:6F:AF:4C:77:B4:51:5E:AB:84:AE:EE:FA:F3:30:0B:
7A:36:4A:7E:EF:93:D2:16:F8:40:A7:E2:F0:17:60:60:
CB:94:C6:63:DB:07:8C:C6:32:04:3F:ED:C3:70:E9:E1:
E2:B3:F1:28:60:D6:2E:C9:69:1D:9E:45:06:9B:D8:B0:
6D:F8:EF:01:29:B6:70:C2:FE:1E:40:F4:8C:AA:6F:AB:
FA:91:4B:F5:41:5E:C8:B9:9B:03:E4:CD:3D:E3:54:F1:
18:F3:59:48:54:C5:D2:00:30:54:DA:3F:05:F6:8E:39:
48:EF:5C:6D:A2:92:AA:04:8C:9A:CF:B5:A8:94:83:16:
51:04:42:FE:CA:F0:86:09:48:84:A1:97:CB:06:C7:9A:
3E:E9:5A:77:1C:DF:07:EF:B2:49:75:38:5C:80:C0:2A:
9E:99:59:82:48:27:F1:D3:0C:C7:1C:F9:50:7E:ED:41:
6A:87:25:C4:D1:A1:D1:28:30:E7:1E:DD:3E:56:0D:B0:
08:C6:45:A7:41:57:A8:8B:C6:A7:93:3B:C7:9C:F7:17:
D2:B3:AD:1B:5B:F5:F1:0E:9D:59:71:69:C0:10:35:47:
38:37:F7:5B:A2:C5:F0:02:DB:9F:C2:D2:65:D4:9E:38:
3F:74:45:D8:64:71:BA:3A:A3:08:5C:C8:00:23:47:B8:
DA:11:0C:45:19:F8:C5:F9:66:97:7E:06:47:16:AA:EA:
1E:FA:77:E6:61:37:E3:FE:71:6F:B7:93:23:AB:7F:F2:
FB:06:6C:82:68:F4:A3:6E:4E:3A:1D:38:63:A8:CB:1C:
B0:20:B0:DD:61:D9:5F:19:B2:18:5C:AB:DF:7B:59:5F:
DE:BC:2C:07:08:F2:55:90:E3:82:D3:75:5A:6C:60:49:
60:5E:53:1D:1C:81:64:F0:3F:50:F8:8B:EC:D4:7E:0B:
D0:F2:5F:01:70:A4:9D:A0:99:50:7D:15:E0:1C:7F:34:
46:E0:39:76:2D:E6:27:24:BD:01:F5:0D:C1:30:6C:41:
A2:B2:8E:BB:D3:C2:27:DF:31:8E:F7:6B:C0:E5:72:0F:
1C:91:4E:F4:2F:8E:95:FD:6F:78:FB:CB:50:2F:EF:64:
74:09:63:62:83:63:09:75:CA:1E:31:AE:38:AE:E2:B4:
F2:8D:95:D4:E1:ED:44:9C:CC:E0:84:FE:0F:DD:B5:29:
1C:BF:84:E0:B2:D0:78:88:C3:00:CC:D3:D4:3E:80:1D:
71:9C:61:AA:A1:C2:13:91:60:EE:44:C5:62:57:A0:56:
20:A5:00:B9:4C:D0:77:ED:9C:C7:66:6B:FC:FB:0B:6E:
07:88:42:80:98:AE:FE:E3:DB:71:99:98:9D:6D:AA:6E:
CC:76:CC:68:4C:C6:B9:43:F0:FF:69:F5:38:92:00:F7:
44:DC:E4:DE:FC:6B:78:F0:91:CC:5D:C6:3B:38:6F:19:
BA:58:EE:72:16:5B:45:0A:02:6D:27:39:C9:0B:71:E9:
D0:4D:4A:DD:C7:CC:EE:F3:DE:4C:24:98:E1:65:AC:05:
AB:06:E0:F9:18:FE:DA:FF:36:11:66:4F:E8:23:FB:7A:
DA:FA:C0:04:41:82:9F:64:28:66:0C:0B:0E:CD:37:5F:
65:9D:68:66:0E:AB:80:E3:AF:AC:F6:F8:64:CB:D9:B0:
92:5C:A5:48:71:4C:EC:
17 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 00:28:7D:6A:40:00:80:06: EB:5F:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 45:58:76:F1:3B:F8:50:10:
48 40:29:67:C7:00:00:
18 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:5D:B5:38:40:00:32:06: 01:5D:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 3B:F8:95:A4:45:58:50:19:
48 FF:FF:9D:8F:00:00:
15:03:03:00:30: - TLS Alert Zero (Close Connection)
E0:A6:5F:A3:C1:42:F9:D4:3F:7C:D1:3D:E3:20:94:A1:
53:70:06:DB:C9:0C:06:5D:8C:42:3F:76:DF:5B:75:BC:
CD:6B:D0:80:6A:D6:7A:E7:8B:C4:23:CD:6B:35:B2:EB:
26 DC C2 E0 8E 27 08 09 9D 6E 6F B2 DA 2A 67 4D - Explicit IV
01 00 - Warning Alert
9C C9 B0 42 1D B3 1F 2F 2E C9 A8 FC 13 5E EC 1F - HMAC
CB D9 8F 5A
09 - Padding Length
19 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 00:28:7D:6B:40:00:80:06: EB:5E:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 45:58:76:F1:3C:2E:50:10:
48 40:1B:67:9F:00:00:
20 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 00:28:7D:6C:40:00:80:06: EB:5D:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 45:58:76:F1:3C:2E:50:11:
48 40:1B:67:9E:00:00:
21 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:28:F2:45:40:00:32:06: C4:84:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 3C:2D:95:A4:45:58:50:11:
48 FF:FF:A7:BA:00:00:00:00: DD:F6:FF:A3:
22 00:1D:09:7E:44:A2: IP-192.168.1.2
---> 28:C6:8E:76:C1:C2: IP-174.75.34.16 58940 443
0 28:C6:8E:76:C1:C2:00:1D: 09:7E:44:A2:08:00:45:00:
16 00:28:7D:6D:40:00:80:06: EB:5C:C0:A8:01:02:AE:4B:
32 22:10:E6:3C:01:BB:95:A4: 45:59:76:F1:3C:2E:50:10:
48 40:1B:67:9E:00:00:
23 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:28:93:01:40:00:32:06: 23:C9:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 3C:2E:95:A4:45:58:50:10:
48 FF:FF:A7:BA:00:00:00:00: 97:46:38:4E:
24 28:C6:8E:76:C1:C2: IP-174.75.34.16
---> 00:1D:09:7E:44:A2: IP-192.168.1.2 443 58940
0 00:1D:09:7E:44:A2:28:C6: 8E:76:C1:C2:08:00:45:00:
16 00:28:34:5C:40:00:32:06: 82:6E:AE:4B:22:10:C0:A8:
32 01:02:01:BB:E6:3C:76:F1: 3C:2E:95:A4:45:59:50:10:
48 FF:FF:A7:B9:00:00:00:00: AB:EA:8B:D0:
HTTP/1.0 200 Ok Date: Fri, 30 Oct 2015 18:36:30 GMT Server: Mike's-Toolbox-Custom-Web-Server/4.0 Content-Type: text/plain; charset=utf-8 Content-Length: 1991 *********************************************************************** *** Mike's Toolbox Enhanced Multi-Threaded SSL/TLS Test Server *** *** *** *** https://www.mikestoolbox.net/ *** *** https://www.mikestoolbox.org/ *** *** *** *** Contact info: *** *** *** *** EMAIL: mikestoolbox@pobox.com *** *** WEB: http://mikestoolbox.com/ *** *** TWITTER: @mikestoolbox *** *** *** *** Copyright (c) 2010-2015 Michael D'Errico, All Rights Reserved *** *********************************************************************** Connection from: [154.20.130.200] Current time: Fri, 30 Oct 2015 18:36:30 GMT TLS negotiation time: 0.24848199 seconds Client Version: TLS 1.2 Client Random: 5632B3005CCC9D690D7F058B91EAFD111C43445189B55DCEABA72239B418BE27 Client Session ID: Client Cipher Suites: 002F TLS_RSA_WITH_AES_128_CBC_SHA Client Compression: NULL Server Name: www.mikestoolbox.org Server Version: TLS 1.2 Server Random: 7454D1AB0F422F6C1AE2C71B173B0A399624C4FDF86C51E12BBEE09121185757 Server Session ID: 6BB01CBB72610055088C73000001190ECCE982764AE7FDEFD4B072D93EFD8F04 Server Cipher Suite: 002F TLS_RSA_WITH_AES_128_CBC_SHA Server Compression: NULL Server Name Chosen: www.mikestoolbox.org Client Finished: BF07CA8C515AEBFD998CA2F6 Server Finished: ADFD3C9B1035C9A37886BC3E Master Secret: 1DD617E770C33235....BE067BFF3FEC3913 Bytes Sent: 1916 Bytes Received: 361 |
| Home Page |
