2way SSL is set in IIS, in browser a client certificate is required, but when i capture the traffic in wireshark i see the handshake type is '11'

asked Aug 3 '0

Mahsa
1

I have an IIS server in which ssl setting is set to required for client certificates. even the client certificates are added to IIS server and each user has its own certificate and there is no way to connect to server without client certificate. But when i capture the traffic i don't see the certificate request packet in wireshark and the handshake type is '11'

answered Aug 3 '0

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23850 ●4 ●988 ●227 https://www.wireshark.org

A "Certificate Request" from the server should appear between the "Server Hello" and "Server Hello Done" messages and can be located using a display filter of tls.handshake.type == 13.

The handshake type 11 is for an actual certificate that is being transmitted in either direction and should be present for the server certificate and if the client sends a certificate.

If you don't see the certificate request then the server (or possibly an intervening proxy) isn't requesting a client certificate.

link

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

2way SSL is set in IIS, in browser a client certificate is required, but when i capture the traffic in wireshark i see the handshake type is '11'

1 Answer

Your Answer

Question Tools

Stats

Related questions

2way SSL is set in IIS, in browser a client certificate is required, but when i capture the traffic in wireshark i see the handshake type is '11' savecancel

1 Answer