[Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>]

That would be my guess - that the server is requesting the client certificate via renegotiation.  Good research. :-)

A good way to confirm would be to configure Wireshark to decrypt the TLS.

On Wed, Oct 30, 2024 at 6:26 AM mahesh b <mahesh.b.2487@xxxxxxxxx> wrote:

Or is this happening https://security.stackexchange.com/questions/277457/why-is-the-browser-being-prompted-for-a-client-certificate-without-a-certificate 

On Wed, Oct 30, 2024 at 2:12 PM mahesh b <mahesh.b.2487@xxxxxxxxx> wrote:

Hi,

   I am trying to see the tls 1.2 handshake for mutual tls, the mutual tls handshake is success, cause i see that client application is popped up with an option to pick the client certificate it has to choose for the handshake to succeed.  

But in wireshark am neither seeing "Certificate Request" sent from server to client and the client sending its "Certificate" 

I also tried the suggestion mentioned here https://ask.wireshark.org/question/23327/not-able-to-see-client-certificate-in-capture/ it dint work, googling further i see another thread https://seclists.org/wireshark/2019/Jun/2 , tried the suggestions as well dint work. 

Can pls someone help wat configurations am i missing ? to see the certificate request and client certificate in the tls 1.2 handshake.

I understand in tls 1.3 everything is encrypted after server hello. My question is specifically for tls 1.2 handshake.

    Am using the below

Wireshark : Version 4.4.1 (v4.4.1-0-g575b2bf4746e)

Windows 11(client running here) and Windows 2022 (Server running here)

Regards,

Mahesh.B

_______________________________________________
Wireshark-dev mailing list -- wireshark-dev@xxxxxxxxxxxxx
To unsubscribe send an email to wireshark-dev-leave@xxxxxxxxxxxxx