Saturday, May 23, 2020

TLS Certificate received is different than what was sent

Hello folks,

Have a PCAP taken at the client (host base capture) and server side at a datacenter . I am not sure exactly sure where the capture point is at the DC.

The TLS certificate leaving the client is signed on the day of the PCAP, but that certificate seen on the server side is completely different (with a way wacky date, years off). Its riding the same IP packet (sequence # is the same). This is causing problems for our client application.

What could be causing this to happen? Some kind of mis-configured TLS proxy of some sort is what I am thinking... but what specifically?



No comments:

Post a Comment