Ask Your Question

2way SSL is set in IIS, in browser a client certificate is required, but when i capture the traffic in wireshark i see the handshake type is '11'

asked 2020-08-03 10:11:08 +0000

Mahsa gravatar image

I have an IIS server in which ssl setting is set to required for client certificates. even the client certificates are added to IIS server and each user has its own certificate and there is no way to connect to server without client certificate. But when i capture the traffic i don't see the certificate request packet in wireshark and the handshake type is '11'

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2020-08-03 11:17:37 +0000

grahamb gravatar image

A "Certificate Request" from the server should appear between the "Server Hello" and "Server Hello Done" messages and can be located using a display filter of tls.handshake.type == 13.

The handshake type 11 is for an actual certificate that is being transmitted in either direction and should be present for the server certificate and if the client sends a certificate.

If you don't see the certificate request then the server (or possibly an intervening proxy) isn't requesting a client certificate.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools


Asked: 2020-08-03 10:11:08 +0000

Seen: 1,118 times

Last updated: Aug 03 '20