This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

TLS1.2 with client cert auth doesn’t send “Certificate Verify” message

0

As part of the TLS handshake with client cert authentication, the client sends a "Certificate Verify" message (https://ask.wireshark.org/questions/43671/certificate-verify-message).

What I have found from capturing packet dumps with Wireshark on multiple machines (Windows 10, Windows 2012 R2) is that the Certificate Verify message is NEVER sent with TLS1.2.

However, if I explicitly set it to TLS1.1 or TLS1.0, the cert verify message is indeed sent and the connection is established.

Therefore, I need to know why this message isn't sent with TLS1.2 (at least on newer versions of Windows) and how can I get it to send that?

asked 20 May '16, 08:35

Noam%20Marks's gravatar image

Noam Marks
1111
accept rate: 0%