Ask Your Question

Revision history [back]

It's not you. It appears the TLS 1.3 Handshake now encrypts the certificate. Please see RFC-8446. Specifically, what you are seeing is that everything after the Server Hello are encrypted:

  "All handshake messages after the ServerHello are now encrypted.
  The newly introduced EncryptedExtensions message allows various
  extensions previously sent in the clear in the ServerHello to also
  enjoy confidentiality protection"

Great Question! I just noticed this myself, this past Sunday and it freaked me out!

Live Long & Prosper!