SSL Handshake Overview

SSL communication consists of a series of messages exchanged between two parties (client and server). The SSL handshake between a client and server consists of nine steps, and appears as follows:

Negotiation phase handshake examples

· Successful negotiation

In the following example, the client offered protocol TLSv1.2 (version 3.3) and the server downgraded the protocol to TLSv1.0 (version 3.1). The server also chose the preferred cipher from the client's list:

1 1 0.0003 (0.0003) C>SV3.3(79) Handshake                   
Version 3.3
cipher suites

1 2 0.0008 (0.0005) S>CV3.1(74) Handshake
Version 3.1
cipherSuite TLS_RSA_WITH_RC4_128_SHA

· Unsuccessful negotiation

In the following examples, the client and server fail to agree on the SSL protocol version (Example 1) and on the SSL cipher (Example 2).

Example 1: The client and server unsuccessfully negotiate the protocol. The server does not support protocol versions below TLS1 (version 3.1) and the client does not support protocol versions above SSLv3 (version 3.0):

1 1 0.0012 (0.0012) C>SV3.0(47) Handshake
Version 3.0
cipher suites

1 2 0.0013 (0.0000) S>CV0.0(2) Alert
level fatal
value handshake_failure

Example 2: The client and server unsuccessfully negotiate a cipher; the server does not support any of the client's ciphers. This is a common failure:

1 1 0.0012 (0.0012) C>SV3.1(58) Handshake
Version 3.2
cipher suites

1 2 0.0013 (0.0000) S>CV3.2(2) Alert
level fatal
value handshake_failure
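
The negotiation outcomes shown in these traces can be read mechanically. The following Python code is an added example, not part of the original post: it parses records in the layout shown above and reports the offered version, the negotiated version and cipher, and whether the server downgraded or answered with a fatal alert. The function names and outcome labels are assumptions made for this example.

```python
import re

# Record header as printed in the traces on this page, e.g.
# "1 2 0.0008 (0.0005) S>CV3.1(74) Handshake"
HEADER = re.compile(r"^\d+\s+\d+\s+[\d.]+\s+\([\d.]+\)\s+([CS])>[CS]V[\d.]+\(\d+\)\s+(\w+)")
DETAIL_KEYS = {"Version", "cipherSuite", "level", "value"}

def parse_records(trace):
    # Split a trace into records: sender, record type and the detail fields.
    records = []
    for line in trace.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            records.append({"from": m.group(1), "type": m.group(2)})
        else:
            parts = line.split(None, 1)
            if records and len(parts) == 2 and parts[0] in DETAIL_KEYS:
                records[-1][parts[0]] = parts[1]
    return records

def classify(trace):
    # Outcome labels (hypothetical): negotiated, downgraded, failed: <alert>, incomplete.
    result = {"offered": None, "negotiated": None, "cipher": None, "outcome": "incomplete"}
    for rec in parse_records(trace):
        if rec["type"] == "Handshake" and "Version" in rec:
            ver = tuple(int(p) for p in rec["Version"].split("."))
            if rec["from"] == "C":
                result["offered"] = ver          # highest version the client offers
            else:
                result["negotiated"] = ver       # version the server selected
                result["cipher"] = rec.get("cipherSuite")
                lower = result["offered"] is not None and ver < result["offered"]
                result["outcome"] = "downgraded" if lower else "negotiated"
        elif rec["type"] == "Alert" and rec.get("level") == "fatal":
            result["outcome"] = "failed: " + rec.get("value", "unknown")
    return result

# Traces copied from the successful negotiation and Example 1 on this page.
SUCCESS = ("1 1 0.0003 (0.0003) C>SV3.3(79) Handshake\nVersion 3.3\ncipher suites\n\n"
           "1 2 0.0008 (0.0005) S>CV3.1(74) Handshake\nVersion 3.1\ncipherSuite TLS_RSA_WITH_RC4_128_SHA")
NO_COMMON_VERSION = ("1 1 0.0012 (0.0012) C>SV3.0(47) Handshake\nVersion 3.0\ncipher suites\n\n"
                     "1 2 0.0013 (0.0000) S>CV0.0(2) Alert\nlevel fatal\nvalue handshake_failure")

if __name__ == "__main__":
    for name, trace in (("success", SUCCESS), ("example 1", NO_COMMON_VERSION)):
        print(name, classify(trace))
```

A fatal alert alone does not distinguish a version mismatch from a cipher mismatch, so compare the offered version and cipher list against the server's configuration to tell the two apart.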
