[stunnel-users] Wireshark didn't show TLSv1 traffic?

Bao, Robert rbao at tycoint.com
Thu Feb 17 17:47:14 CET 2011


That worked!

Thank you, good night :)


-----Original Message-----
From: stunnel-users-bounces at stunnel.org [mailto:stunnel-users-bounces at stunnel.org] On Behalf Of Michal Trojnara
Sent: Thursday, February 17, 2011 11:43 AM
To: stunnel-users at stunnel.org
Subject: Re: [stunnel-users]Wireshark didn't show TLSv1 traffic?

"Bao, Robert" <rbao at tycoint.com> wrote:
> I have "ciphers = AES256-SHA" option in stunnel.conf file. And when the
> server/client established the connection, I see this line in the log
> file:
> Negotiated ciphers: AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
> However when I use Wireshark to sniff the traffic, I only see "TCP" in
> the <Protocol> column for the traffics between the server and the
> client.
> Is this normal? What did I do wrong?

Wireshark decodes protocols based on their port numbers.  It does not
attempt to guess the protocol type.  Whenever you use SSL on a non-standard
port, you need to manually reconfigure Wireshark.  On Windows just
right-click on a packet and select "Decode As" to configure non-standard
port as an SSL-based service.

stunnel-users mailing list
stunnel-users at stunnel.org

More information about the stunnel-users mailing list