SSL / TLS安全通道问题

时间:2016-08-02 13:18:30

标签: ssl wireshark tls1.2

我正在使用TLS 1.2 SRV 2K12 R2连接到服务器,但最终得到了可怕的“无法创建SSL / TLS SECURE CHANNEL”。我想知道是否有可能通过Wireshark找出原因。我只获取Client \ Server Hello,然后获得公共证书交换。

另一端完全支持TLS 1.0,1.1和1.2,并且在SSLLABS上有A等级,尽管使用SHA1证书。

以下是wireshark输出:https://www.dropbox.com/sh/yxjk3rj0lyclyn4/AADxGu6Q4tT6mzPXMJge7IGLa?dl=0

我还使用SSLSCAN扫描双方:

them
Supported Server Cipher(s):
    Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLSv1  256 bits  AES256-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-DES-CBC3-SHA
    Accepted  TLSv1  128 bits  AES128-SHA
    Accepted  TLSv1  128 bits  DES-CBC3-SHA
    Accepted  TLS11  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLS11  256 bits  AES256-SHA
    Accepted  TLS11  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLS11  128 bits  ECDHE-RSA-DES-CBC3-SHA
    Accepted  TLS11  128 bits  AES128-SHA
    Accepted  TLS11  128 bits  DES-CBC3-SHA
    Accepted  TLS12  256 bits  ECDHE-RSA-AES256-GCM-SHA384
    Accepted  TLS12  256 bits  ECDHE-RSA-AES256-SHA384
    Accepted  TLS12  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLS12  256 bits  AES256-SHA256
    Accepted  TLS12  256 bits  AES256-SHA
    Accepted  TLS12  128 bits  ECDHE-RSA-AES128-GCM-SHA256
    Accepted  TLS12  128 bits  ECDHE-RSA-AES128-SHA256
    Accepted  TLS12  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLS12  128 bits  ECDHE-RSA-DES-CBC3-SHA
    Accepted  TLS12  128 bits  AES128-SHA256
    Accepted  TLS12  128 bits  AES128-SHA
    Accepted  TLS12  128 bits  DES-CBC3-SHA

  Preferred Server Cipher(s):
    SSLv2  0 bits    (NONE)
    SSLv3  0 bits    (NONE)
    TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    TLS11  256 bits  ECDHE-RSA-AES256-SHA
    TLS12  256 bits  ECDHE-RSA-AES256-GCM-SHA384

me

 Supported Server Cipher(s):
    Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLSv1  256 bits  AES256-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLSv1  128 bits  AES128-SHA
    Accepted  TLSv1  128 bits  DES-CBC3-SHA
    Accepted  TLS11  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLS11  256 bits  AES256-SHA
    Accepted  TLS11  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLS11  128 bits  AES128-SHA
    Accepted  TLS11  128 bits  DES-CBC3-SHA
    Accepted  TLS12  256 bits  ECDHE-RSA-AES256-SHA384
    Accepted  TLS12  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLS12  256 bits  AES256-GCM-SHA384
    Accepted  TLS12  256 bits  AES256-SHA256
    Accepted  TLS12  256 bits  AES256-SHA
    Accepted  TLS12  128 bits  ECDHE-RSA-AES128-SHA256
    Accepted  TLS12  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLS12  128 bits  AES128-GCM-SHA256
    Accepted  TLS12  128 bits  AES128-SHA256
    Accepted  TLS12  128 bits  AES128-SHA
    Accepted  TLS12  128 bits  DES-CBC3-SHA

  Preferred Server Cipher(s):
    TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    TLS11  256 bits  ECDHE-RSA-AES256-SHA
    TLS12  256 bits  ECDHE-RSA-AES256-SHA384

0 个答案:

没有答案
相关问题
最新问题