-1

I am attempting to open a secure socket using the TLS protocol. Looking at the records sent between client and server, I am able to progress through ClientHello, ServerHello, Certificate (server), ServerHelloDone, ClientKeyExchange, and ChangeCipherSpec (client). However, the server fails to decrypt the client's Finished message. Next, some regular TCP messages are exchanged: first a record sent from the server with the Finished flag, then two records sent from the client, the second with a Finished flag, and then one more record sent from the server.

This setup used to work, but I recently changed the server's certificate. Given this, I would have expected the handshake to fail after the Certificate record rather than when trying to decrypt the first piece of encrypted data. Is this handshake error indicative of an unauthenticated certificate? If not, what could it indicate? I did not receive any alerts.

janus

1 Answer

-1

If I were to take a wild guess, I would guess the problem is entirely on the server side. I'm guessing that you did not correctly change the private key along with the public key (certificate), and the server is trying to decrypt with its old private key. I believe that the sequence of TLS messages you describe is consistent with this scenario.

President James K. Polk
  • No. The only thing the server does with its private key is sign its certificate. The client checks that signature with the public key embedded in the certificate. If that was the problem the handshake would have failed. – user207421 Nov 10 '10 at 03:22
  • @EJP: The server does not sign the certificate with its private key, the certificate authority does. The server must decrypt the Client Key Exchange message with its private key. – President James K. Polk Nov 10 '10 at 12:00
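
The scenario from the answer, as an added example that is not part of the original thread: a simplified model of the TLS 1.2 RSA key exchange showing why a stale server private key only surfaces at the Finished message. Assumptions: toy textbook-RSA keys built from known Mersenne primes (insecure, no PKCS#1 padding), a constructed transcript, and hypothetical function names; the random-premaster fallback follows RFC 5246 section 7.4.7.1.

```python
import hashlib, hmac, os

E = 65537

def toy_keypair(p, q):
    # Textbook RSA from two known Mersenne primes: insecure, illustration only.
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

OLD_PUB, OLD_PRIV = toy_keypair(2**521 - 1, 2**607 - 1)    # key the server still loads
NEW_PUB, NEW_PRIV = toy_keypair(2**607 - 1, 2**1279 - 1)   # key in the new certificate

def prf(secret, label, seed, length):
    # TLS 1.2 PRF (P_SHA256) from RFC 5246 section 5.
    seed = label + seed
    a, out = seed, b""
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def verify_data(premaster, randoms, transcript):
    # Finished.verify_data depends on the master secret, hence on the premaster.
    master = prf(premaster, b"master secret", randoms, 48)
    digest = hashlib.sha256(transcript).digest()
    return prf(master, b"client finished", digest, 12)

def server_premaster(ciphertext, priv):
    n, d = priv
    m = pow(ciphertext, d, n)
    if m.bit_length() <= 384:
        candidate = m.to_bytes(48, "big")
        if candidate[:2] == b"\x03\x03":
            return candidate
    # Bad decrypt: continue with a random premaster instead of failing here.
    return os.urandom(48)

def handshake(cert_pub, server_priv):
    randoms = os.urandom(32) + os.urandom(32)
    transcript = b"constructed handshake transcript" + randoms
    premaster = b"\x03\x03" + os.urandom(46)
    n, e = cert_pub
    cke = pow(int.from_bytes(premaster, "big"), e, n)  # ClientKeyExchange payload
    client = verify_data(premaster, randoms, transcript)
    server = verify_data(server_premaster(cke, server_priv), randoms, transcript)
    return hmac.compare_digest(client, server)

if __name__ == "__main__":
    print("matching key:", handshake(NEW_PUB, NEW_PRIV))
    print("stale key:   ", handshake(NEW_PUB, OLD_PRIV))
```

In a real handshake the record keys protecting Finished come from the same master secret, so the mismatch shows up as a failure to decrypt that record.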