Wireshark-users: Re: [Wireshark-users] Strange SSL decode issue (SUPL, ULP)

From: "Ralf G. R. Bergs" <Ralf+WireShark@xxxxxxxxx>
Date: Wed, 15 Apr 2015 11:21:37 +0200
Hi Jaap.

Thanks for your reply.

On 2015-04-15 07:59 , Jaap Keuter wrote:
>> ssl_decrypt_pre_master_secret: session uses DH (17) key exchange, which is
>> impossible to decrypt
> As the debug log says, one backend node does while the other doesn't use a DH
> key exchange. I would look carefully at the crypto configuration of both backend
> nodes.
Sorry if I'm asking this question (it's because I'm not an expert in
this area), is it absolutely clear that there must be a config issue on
the server side? Or can it also be an issue with client behavior? That
the client in the one session behaved differently than in the other?

If you're really confident that it is a server-side issue, can you maybe
give me some hints where to look at? Would it be at the JVM level? Maybe
crypto policy files being different? Or Tomcat webapp container config?
Or even the webapp config itself?

Dank je wel.

Groetjes,

Ralf