Ask Your Question
0

how best to track this problem down?

asked 2018-09-27 15:40:39 +0000

richb201 gravatar image

I have a Linux server which is running Let's Encrypt. The application on it is written in Codeigniter/PHP. I also have a Chrome Extesnion that I wrote in javascript. When the Extension wants to login to the server it sends a login message by using HTTPXML and a POST. The server sees that request, looks up some data to send back to the extension, and builds the headers and creates the payload, and then outputs the data. I have viewed the data with the debugger before it goes out and it looks fine. I also have the Chrome debugger open on the Extnesion. I see the response but the receive error at the Extnsion is server error 500. When I look in the error.log on the server I see a message
malformed header from script 'index.php': Bad header: {"0":["{choose}","IOS","Mac"," Somehow my payload (which is correct above) got shoved into one of the headers and the browser has an issue with that.

I don't know where this sequence is being screwed up? Is it the CI/PHP program? It looks ok in my debugger. Is it Let's Encrypt?

So what I want to do is to see the buffer, right after Let's Encrypt has finished encrypting but the data hasn't left the server yet (or has just left the server). I have managed to get Wireshark to capture the buffers on my machine where the Extension is running. I have followed the directions to set up SSLKEYLOG file on the client PC and it is catching data, but when I look at it in Follow TCP Stream, it is still encrypted and I can't read it. How can I see the uncrypted data? I don't recall telling Wireshark where my SSL credentials are?

Thanks for any advice.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-09-27 16:03:04 +0000

richb201 gravatar image

Never mind guys! I am now able to see the unencrypted data! I guess I was just looking at the wrong part of Wireshark. In this case I am catching the data as it arrives at the extension. If it is OK when it gets to the extension it must have been ok when it left the server!

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-09-27 15:40:39 +0000

Seen: 512 times

Last updated: Sep 27 '18