--------[libssl1.0.0_1.0.1-4ubuntu3 start]------ No. Time Source Destination Protocol Length Info 4 0.007849 IntelCor_11:22:33 ArubaNet_aa:bb:cc SSL 249 Client Hello Frame 4: 249 bytes on wire (1992 bits), 249 bytes captured (1992 bits) Arrival Time: Apr 20, 2012 14:50:47.717699000 PDT Epoch Time: 1334958647.717699000 seconds [Time delta from previous captured frame: 0.000758000 seconds] [Time delta from previous displayed frame: 0.000758000 seconds] [Time since reference or first frame: 0.007849000 seconds] Frame Number: 4 Frame Length: 249 bytes (1992 bits) Capture Length: 249 bytes (1992 bits) [Frame is marked: True] [Frame is ignored: False] [Protocols in frame: eth:eapol:eap:ssl] Ethernet II, Src: IntelCor_11:22:33 (a0:88:b4:11:22:33), Dst: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Destination: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Address: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Source: IntelCor_11:22:33 (a0:88:b4:11:22:33) Address: IntelCor_11:22:33 (a0:88:b4:11:22:33) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Type: 802.1X Authentication (0x888e) 802.1X Authentication Version: 1 Type: EAP Packet (0) Length: 231 Extensible Authentication Protocol Code: Response (2) Id: 2 Length: 231 Type: PEAP [Palekar] (25) Flags(0x1): PEAP version 1 Secure Sockets Layer SSL Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 220 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 216 Version: TLS 1.0 (0x0301) Random gmt_unix_time: Apr 20, 2012 14:50:47.000000000 PDT random_bytes: ad355b85651497dd318ea844656b4515dde171d533286f01... Session ID Length: 0 Cipher Suites Length: 102 Cipher Suites (51 suites) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) Cipher Suite: TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA (0xc022) Cipher Suite: TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA (0xc021) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA (0xc00f) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA (0xc005) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (0xc012) Cipher Suite: TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc008) Cipher Suite: TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA (0xc01c) Cipher Suite: TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA (0xc01b) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) Cipher Suite: TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA (0xc00d) Cipher Suite: TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA (0xc003) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) Cipher Suite: TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA (0xc01f) Cipher Suite: TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA (0xc01e) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x009a) Cipher Suite: TLS_DHE_DSS_WITH_SEED_CBC_SHA (0x0099) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA (0xc00e) Cipher Suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA (0xc004) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_SEED_CBC_SHA (0x0096) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) Cipher Suite: TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (0xc007) Cipher Suite: TLS_ECDH_RSA_WITH_RC4_128_SHA (0xc00c) Cipher Suite: TLS_ECDH_ECDSA_WITH_RC4_128_SHA (0xc002) Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005) Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004) Cipher Suite: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x0015) Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012) Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009) Cipher Suite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0014) Cipher Suite: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA (0x0011) Cipher Suite: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0008) Cipher Suite: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x0006) Cipher Suite: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x0003) Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff) Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) Extensions Length: 73 Extension: ec_point_formats Type: ec_point_formats (0x000b) Length: 4 EC point formats Length: 3 Elliptic curves point formats (3) EC point format: uncompressed (0) EC point format: ansiX962_compressed_prime (1) EC point format: ansiX962_compressed_char2 (2) Extension: elliptic_curves Type: elliptic_curves (0x000a) Length: 52 Elliptic Curves Length: 50 Elliptic curves (25 curves) Elliptic curve: sect571r1 (0x000e) Elliptic curve: sect571k1 (0x000d) Elliptic curve: secp521r1 (0x0019) Elliptic curve: sect409k1 (0x000b) Elliptic curve: sect409r1 (0x000c) Elliptic curve: secp384r1 (0x0018) Elliptic curve: sect283k1 (0x0009) Elliptic curve: sect283r1 (0x000a) Elliptic curve: secp256k1 (0x0016) Elliptic curve: secp256r1 (0x0017) Elliptic curve: sect239k1 (0x0008) Elliptic curve: sect233k1 (0x0006) Elliptic curve: sect233r1 (0x0007) Elliptic curve: secp224k1 (0x0014) Elliptic curve: secp224r1 (0x0015) Elliptic curve: sect193r1 (0x0004) Elliptic curve: sect193r2 (0x0005) Elliptic curve: secp192k1 (0x0012) Elliptic curve: secp192r1 (0x0013) Elliptic curve: sect163k1 (0x0001) Elliptic curve: sect163r1 (0x0002) Elliptic curve: sect163r2 (0x0003) Elliptic curve: secp160k1 (0x000f) Elliptic curve: secp160r1 (0x0010) Elliptic curve: secp160r2 (0x0011) Extension: SessionTicket TLS Type: SessionTicket TLS (0x0023) Length: 0 Data (0 bytes) Extension: Unknown 15 Type: Unknown (0x000f) Length: 1 Data (1 byte) No. Time Source Destination Protocol Length Info 5 0.011132 ArubaNet_aa:bb:cc IntelCor_11:22:33 TLSv1 60 Alert (Level: Fatal, Description: Bad Certificate) Frame 5: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) Arrival Time: Apr 20, 2012 14:50:47.720982000 PDT Epoch Time: 1334958647.720982000 seconds [Time delta from previous captured frame: 0.003283000 seconds] [Time delta from previous displayed frame: 0.003283000 seconds] [Time since reference or first frame: 0.011132000 seconds] Frame Number: 5 Frame Length: 60 bytes (480 bits) Capture Length: 60 bytes (480 bits) [Frame is marked: True] [Frame is ignored: False] [Protocols in frame: eth:eapol:eap:ssl] Ethernet II, Src: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc), Dst: IntelCor_11:22:33 (a0:88:b4:11:22:33) Destination: IntelCor_11:22:33 (a0:88:b4:11:22:33) Address: IntelCor_11:22:33 (a0:88:b4:11:22:33) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Source: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Address: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Type: 802.1X Authentication (0x888e) Trailer: 000000000000000000000000000000000000000000000000... 802.1X Authentication Version: 1 Type: EAP Packet (0) Length: 17 Extensible Authentication Protocol Code: Request (1) Id: 3 Length: 17 Type: PEAP [Palekar] (25) Flags(0x81): Length PEAP version 1 Length: 7 Secure Sockets Layer TLSv1 Record Layer: Alert (Level: Fatal, Description: Bad Certificate) Content Type: Alert (21) Version: TLS 1.0 (0x0301) Length: 2 Alert Message Level: Fatal (2) Description: Bad Certificate (42) --------[libssl1.0.0_1.0.1-4ubuntu3 start]------ --------[libssl1.0.0_1.0.0e-2ubuntu4 start]------ No. Time Source Destination Protocol Length Info 4 0.009295 IntelCor_11:22:33 ArubaNet_aa:bb:cc TLSv1 115 Client Hello Frame 4: 115 bytes on wire (920 bits), 115 bytes captured (920 bits) Arrival Time: Apr 20, 2012 15:18:14.639243000 PDT Epoch Time: 1334960294.639243000 seconds [Time delta from previous captured frame: 0.002404000 seconds] [Time delta from previous displayed frame: 0.002404000 seconds] [Time since reference or first frame: 0.009295000 seconds] Frame Number: 4 Frame Length: 115 bytes (920 bits) Capture Length: 115 bytes (920 bits) [Frame is marked: True] [Frame is ignored: False] [Protocols in frame: eth:eapol:eap:ssl] Ethernet II, Src: IntelCor_11:22:33 (a0:88:b4:11:22:33), Dst: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Destination: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Address: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Source: IntelCor_11:22:33 (a0:88:b4:11:22:33) Address: IntelCor_11:22:33 (a0:88:b4:11:22:33) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Type: 802.1X Authentication (0x888e) 802.1X Authentication Version: 1 Type: EAP Packet (0) Length: 97 Extensible Authentication Protocol Code: Response (2) Id: 2 Length: 97 Type: PEAP [Palekar] (25) Flags(0x1): PEAP version 1 Secure Sockets Layer TLSv1 Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: SSL 3.0 (0x0300) Length: 86 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 82 Version: TLS 1.0 (0x0301) Random gmt_unix_time: Apr 20, 2012 15:18:14.000000000 PDT random_bytes: 4455a3ae0287bd3cd4247bfbd7e407c33f6bd7ce081f02c7... Session ID Length: 0 Cipher Suites Length: 36 Cipher Suites (18 suites) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) Cipher Suite: TLS_DHE_DSS_WITH_RC4_128_SHA (0x0066) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005) Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004) Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) Extensions Length: 5 Extension: renegotiation_info Type: renegotiation_info (0xff01) Length: 1 Data (1 byte) No. Time Source Destination Protocol Length Info 6 0.019685 ArubaNet_aa:bb:cc IntelCor_11:22:33 TLSv1 1038 Server Hello, Certificate, Server Key Exchange, Server Hello Done Frame 6: 1038 bytes on wire (8304 bits), 1038 bytes captured (8304 bits) Arrival Time: Apr 20, 2012 15:18:14.649633000 PDT Epoch Time: 1334960294.649633000 seconds [Time delta from previous captured frame: 0.009513000 seconds] [Time delta from previous displayed frame: 0.009513000 seconds] [Time since reference or first frame: 0.019685000 seconds] Frame Number: 6 Frame Length: 1038 bytes (8304 bits) Capture Length: 1038 bytes (8304 bits) [Frame is marked: True] [Frame is ignored: False] [Protocols in frame: eth:eapol:eap:ssl:pkcs-1:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:pkcs-1:x509ce:x509ce:pkix1implicit:x509ce:pkcs-1] Ethernet II, Src: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc), Dst: IntelCor_11:22:33 (a0:88:b4:11:22:33) Destination: IntelCor_11:22:33 (a0:88:b4:11:22:33) Address: IntelCor_11:22:33 (a0:88:b4:11:22:33) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Source: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Address: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Type: 802.1X Authentication (0x888e) 802.1X Authentication Version: 1 Type: EAP Packet (0) Length: 1020 Extensible Authentication Protocol Code: Request (1) Id: 3 Length: 1020 Type: PEAP [Palekar] (25) Flags(0xC1): Length More PEAP version 1 Length: 1434 [2 EAP-TLS Fragments (1434 bytes): #6(1010), #8(424)] [Frame: 6, payload: 0-1009 (1010 bytes)] [Frame: 8, payload: 1010-1433 (424 bytes)] [Fragment count: 2] [Reassembled EAP-TLS length: 1434] Secure Sockets Layer TLSv1 Record Layer: Handshake Protocol: Server Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 42 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 38 Version: TLS 1.0 (0x0301) Random gmt_unix_time: Apr 20, 2012 15:18:14.000000000 PDT random_bytes: 9c2a8d57da235c869a6cb02cb9256732160bd131cc629d2a... Session ID Length: 0 Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Compression Method: null (0) TLSv1 Record Layer: Handshake Protocol: Certificate Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 971 Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 967 Certificates Length: 964 Certificates (964 bytes) Certificate Length: 961 Certificate (id-at-commonName=win-radius-srv1.ad.caltech.edu,id-at-organizationalUnitName=Information Management Systems and,id-at-organizationName=California Institute of Technology,id-at-localityName=Pasadena,id-at-stateOrProvinceName=Ca signedCertificate version: v3 (2) serialNumber : 0x72d87fc7f46ffbf89636c50393d9ea3a signature (shaWithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.5 (shaWithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 7 items (pkcs-9-at-emailAddress=premium-server@thawte.com,id-at-commonName=Thawte Premium Server CA,id-at-organizationalUnitName=Certification Services Division,id-at-organizationName=Thawte Consulting cc,id-at-localityName=Ca RDNSequence item: 1 item (id-at-countryName=ZA) RelativeDistinguishedName item (id-at-countryName=ZA) Id: 2.5.4.6 (id-at-countryName) CountryName: ZA RDNSequence item: 1 item (id-at-stateOrProvinceName=Western Cape) RelativeDistinguishedName item (id-at-stateOrProvinceName=Western Cape) Id: 2.5.4.8 (id-at-stateOrProvinceName) DirectoryString: printableString (1) printableString: Western Cape RDNSequence item: 1 item (id-at-localityName=Cape Town) RelativeDistinguishedName item (id-at-localityName=Cape Town) Id: 2.5.4.7 (id-at-localityName) DirectoryString: printableString (1) printableString: Cape Town RDNSequence item: 1 item (id-at-organizationName=Thawte Consulting cc) RelativeDistinguishedName item (id-at-organizationName=Thawte Consulting cc) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Thawte Consulting cc RDNSequence item: 1 item (id-at-organizationalUnitName=Certification Services Division) RelativeDistinguishedName item (id-at-organizationalUnitName=Certification Services Division) Id: 2.5.4.11 (id-at-organizationalUnitName) DirectoryString: printableString (1) printableString: Certification Services Division RDNSequence item: 1 item (id-at-commonName=Thawte Premium Server CA) RelativeDistinguishedName item (id-at-commonName=Thawte Premium Server CA) Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: Thawte Premium Server CA RDNSequence item: 1 item (pkcs-9-at-emailAddress=premium-server@thawte.com) RelativeDistinguishedName item (pkcs-9-at-emailAddress=premium-server@thawte.com) Id: 1.2.840.113549.1.9.1 (pkcs-9-at-emailAddress) IA5String: premium-server@thawte.com validity notBefore: utcTime (0) utcTime: 09-09-09 23:53:17 (UTC) notAfter: utcTime (0) utcTime: 12-09-22 23:24:29 (UTC) subject: rdnSequence (0) rdnSequence: 6 items (id-at-commonName=win-radius-srv1.ad.caltech.edu,id-at-organizationalUnitName=Information Management Systems and,id-at-organizationName=California Institute of Technology,id-at-localityName=Pasadena,id-at-stateOrProvin RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-stateOrProvinceName=California) RelativeDistinguishedName item (id-at-stateOrProvinceName=California) Id: 2.5.4.8 (id-at-stateOrProvinceName) DirectoryString: printableString (1) printableString: California RDNSequence item: 1 item (id-at-localityName=Pasadena) RelativeDistinguishedName item (id-at-localityName=Pasadena) Id: 2.5.4.7 (id-at-localityName) DirectoryString: printableString (1) printableString: Pasadena RDNSequence item: 1 item (id-at-organizationName=California Institute of Technology) RelativeDistinguishedName item (id-at-organizationName=California Institute of Technology) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: California Institute of Technology RDNSequence item: 1 item (id-at-organizationalUnitName=Information Management Systems and) RelativeDistinguishedName item (id-at-organizationalUnitName=Information Management Systems and Services) Id: 2.5.4.11 (id-at-organizationalUnitName) DirectoryString: printableString (1) printableString: Information Management Systems and Services RDNSequence item: 1 item (id-at-commonName=win-radius-srv1.ad.caltech.edu) RelativeDistinguishedName item (id-at-commonName=win-radius-srv1.ad.caltech.edu) Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: win-radius-srv1.ad.caltech.edu subjectPublicKeyInfo algorithm (rsaEncryption) Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption) Padding: 0 subjectPublicKey: 30818902818100e9c3b7b9306d54c1af1e0cd0b0bb735429... extensions: 4 items Extension (id-ce-extKeyUsage) Extension Id: 2.5.29.37 (id-ce-extKeyUsage) KeyPurposeIDs: 2 items KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth) KeyPurposeId: 1.3.6.1.5.5.7.3.2 (id-kp-clientAuth) Extension (id-ce-cRLDistributionPoints) Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints) CRLDistPointsSyntax: 1 item DistributionPoint distributionPoint: fullName (0) fullName: 1 item GeneralName: uniformResourceIdentifier (6) uniformResourceIdentifier: http://crl.thawte.com/ThawtePremiumServerCA.crl Extension (id-pe-authorityInfoAccessSyntax) Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccessSyntax) AuthorityInfoAccessSyntax: 1 item AccessDescription accessMethod: 1.3.6.1.5.5.7.48.1 (id-pkix.48.1) accessLocation: 6 uniformResourceIdentifier: http://ocsp.thawte.com Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) critical: True BasicConstraintsSyntax algorithmIdentifier (shaWithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.5 (shaWithRSAEncryption) Padding: 0 encrypted: 673589effd6633aa6bfebee80e07860c21eb911c8f680fd2... TLSv1 Record Layer: Handshake Protocol: Server Key Exchange Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 397 Handshake Protocol: Server Key Exchange Handshake Type: Server Key Exchange (12) Length: 393 TLSv1 Record Layer: Handshake Protocol: Server Hello Done Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 4 Handshake Protocol: Server Hello Done Handshake Type: Server Hello Done (14) Length: 0 --------[libssl1.0.0_1.0.0e-2ubuntu4 end]------ --------[libgnutls26-2.12-14-5ubuntu3 start]------ No. Time Source Destination Protocol Length Info 4 0.007289 IntelCor_11:22:33 ArubaNet_aa:bb:cc TLSv1 115 Client Hello Frame 4: 115 bytes on wire (920 bits), 115 bytes captured (920 bits) Arrival Time: Apr 20, 2012 15:23:52.921308000 PDT Epoch Time: 1334960632.921308000 seconds [Time delta from previous captured frame: 0.001163000 seconds] [Time delta from previous displayed frame: 0.001163000 seconds] [Time since reference or first frame: 0.007289000 seconds] Frame Number: 4 Frame Length: 115 bytes (920 bits) Capture Length: 115 bytes (920 bits) [Frame is marked: True] [Frame is ignored: False] [Protocols in frame: eth:eapol:eap:ssl] Ethernet II, Src: IntelCor_11:22:33 (a0:88:b4:11:22:33), Dst: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Destination: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Address: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Source: IntelCor_11:22:33 (a0:88:b4:11:22:33) Address: IntelCor_11:22:33 (a0:88:b4:11:22:33) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Type: 802.1X Authentication (0x888e) 802.1X Authentication Version: 1 Type: EAP Packet (0) Length: 97 Extensible Authentication Protocol Code: Response (2) Id: 2 Length: 97 Type: PEAP [Palekar] (25) Flags(0x1): PEAP version 1 Secure Sockets Layer TLSv1 Record Layer: Handshake Protocol: Client Hello Content Type: Handshake (22) Version: SSL 3.0 (0x0300) Length: 86 Handshake Protocol: Client Hello Handshake Type: Client Hello (1) Length: 82 Version: TLS 1.0 (0x0301) Random gmt_unix_time: Apr 20, 2012 15:23:52.000000000 PDT random_bytes: 3d0b6e631295fa66aa2715e1cbb9b904cfa320ef8df95a1e... Session ID Length: 0 Cipher Suites Length: 36 Cipher Suites (18 suites) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) Cipher Suite: TLS_DHE_DSS_WITH_RC4_128_SHA (0x0066) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005) Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004) Compression Methods Length: 1 Compression Methods (1 method) Compression Method: null (0) Extensions Length: 5 Extension: renegotiation_info Type: renegotiation_info (0xff01) Length: 1 Data (1 byte) No. Time Source Destination Protocol Length Info 6 0.017529 ArubaNet_aa:bb:cc IntelCor_11:22:33 TLSv1 1038 Server Hello, Certificate, Server Key Exchange, Server Hello Done Frame 6: 1038 bytes on wire (8304 bits), 1038 bytes captured (8304 bits) Arrival Time: Apr 20, 2012 15:23:52.931548000 PDT Epoch Time: 1334960632.931548000 seconds [Time delta from previous captured frame: 0.007428000 seconds] [Time delta from previous displayed frame: 0.007428000 seconds] [Time since reference or first frame: 0.017529000 seconds] Frame Number: 6 Frame Length: 1038 bytes (8304 bits) Capture Length: 1038 bytes (8304 bits) [Frame is marked: True] [Frame is ignored: False] [Protocols in frame: eth:eapol:eap:ssl:pkcs-1:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:x509sat:pkcs-1:x509ce:x509ce:pkix1implicit:x509ce:pkcs-1] Ethernet II, Src: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc), Dst: IntelCor_11:22:33 (a0:88:b4:11:22:33) Destination: IntelCor_11:22:33 (a0:88:b4:11:22:33) Address: IntelCor_11:22:33 (a0:88:b4:11:22:33) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Source: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) Address: ArubaNet_aa:bb:cc (00:0b:86:aa:bb:cc) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Type: 802.1X Authentication (0x888e) 802.1X Authentication Version: 1 Type: EAP Packet (0) Length: 1020 Extensible Authentication Protocol Code: Request (1) Id: 3 Length: 1020 Type: PEAP [Palekar] (25) Flags(0xC1): Length More PEAP version 1 Length: 1434 [2 EAP-TLS Fragments (1434 bytes): #6(1010), #8(424)] [Frame: 6, payload: 0-1009 (1010 bytes)] [Frame: 8, payload: 1010-1433 (424 bytes)] [Fragment count: 2] [Reassembled EAP-TLS length: 1434] Secure Sockets Layer TLSv1 Record Layer: Handshake Protocol: Server Hello Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 42 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 38 Version: TLS 1.0 (0x0301) Random gmt_unix_time: Apr 20, 2012 15:23:52.000000000 PDT random_bytes: f265f4810aef44b8e3b1473dce4b722e8636983a827c3c5e... Session ID Length: 0 Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Compression Method: null (0) TLSv1 Record Layer: Handshake Protocol: Certificate Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 971 Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 967 Certificates Length: 964 Certificates (964 bytes) Certificate Length: 961 Certificate (id-at-commonName=win-radius-srv1.ad.caltech.edu,id-at-organizationalUnitName=Information Management Systems and,id-at-organizationName=California Institute of Technology,id-at-localityName=Pasadena,id-at-stateOrProvinceName=Ca signedCertificate version: v3 (2) serialNumber : 0x72d87fc7f46ffbf89636c50393d9ea3a signature (shaWithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.5 (shaWithRSAEncryption) issuer: rdnSequence (0) rdnSequence: 7 items (pkcs-9-at-emailAddress=premium-server@thawte.com,id-at-commonName=Thawte Premium Server CA,id-at-organizationalUnitName=Certification Services Division,id-at-organizationName=Thawte Consulting cc,id-at-localityName=Ca RDNSequence item: 1 item (id-at-countryName=ZA) RelativeDistinguishedName item (id-at-countryName=ZA) Id: 2.5.4.6 (id-at-countryName) CountryName: ZA RDNSequence item: 1 item (id-at-stateOrProvinceName=Western Cape) RelativeDistinguishedName item (id-at-stateOrProvinceName=Western Cape) Id: 2.5.4.8 (id-at-stateOrProvinceName) DirectoryString: printableString (1) printableString: Western Cape RDNSequence item: 1 item (id-at-localityName=Cape Town) RelativeDistinguishedName item (id-at-localityName=Cape Town) Id: 2.5.4.7 (id-at-localityName) DirectoryString: printableString (1) printableString: Cape Town RDNSequence item: 1 item (id-at-organizationName=Thawte Consulting cc) RelativeDistinguishedName item (id-at-organizationName=Thawte Consulting cc) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: Thawte Consulting cc RDNSequence item: 1 item (id-at-organizationalUnitName=Certification Services Division) RelativeDistinguishedName item (id-at-organizationalUnitName=Certification Services Division) Id: 2.5.4.11 (id-at-organizationalUnitName) DirectoryString: printableString (1) printableString: Certification Services Division RDNSequence item: 1 item (id-at-commonName=Thawte Premium Server CA) RelativeDistinguishedName item (id-at-commonName=Thawte Premium Server CA) Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: Thawte Premium Server CA RDNSequence item: 1 item (pkcs-9-at-emailAddress=premium-server@thawte.com) RelativeDistinguishedName item (pkcs-9-at-emailAddress=premium-server@thawte.com) Id: 1.2.840.113549.1.9.1 (pkcs-9-at-emailAddress) IA5String: premium-server@thawte.com validity notBefore: utcTime (0) utcTime: 09-09-09 23:53:17 (UTC) notAfter: utcTime (0) utcTime: 12-09-22 23:24:29 (UTC) subject: rdnSequence (0) rdnSequence: 6 items (id-at-commonName=win-radius-srv1.ad.caltech.edu,id-at-organizationalUnitName=Information Management Systems and,id-at-organizationName=California Institute of Technology,id-at-localityName=Pasadena,id-at-stateOrProvin RDNSequence item: 1 item (id-at-countryName=US) RelativeDistinguishedName item (id-at-countryName=US) Id: 2.5.4.6 (id-at-countryName) CountryName: US RDNSequence item: 1 item (id-at-stateOrProvinceName=California) RelativeDistinguishedName item (id-at-stateOrProvinceName=California) Id: 2.5.4.8 (id-at-stateOrProvinceName) DirectoryString: printableString (1) printableString: California RDNSequence item: 1 item (id-at-localityName=Pasadena) RelativeDistinguishedName item (id-at-localityName=Pasadena) Id: 2.5.4.7 (id-at-localityName) DirectoryString: printableString (1) printableString: Pasadena RDNSequence item: 1 item (id-at-organizationName=California Institute of Technology) RelativeDistinguishedName item (id-at-organizationName=California Institute of Technology) Id: 2.5.4.10 (id-at-organizationName) DirectoryString: printableString (1) printableString: California Institute of Technology RDNSequence item: 1 item (id-at-organizationalUnitName=Information Management Systems and) RelativeDistinguishedName item (id-at-organizationalUnitName=Information Management Systems and Services) Id: 2.5.4.11 (id-at-organizationalUnitName) DirectoryString: printableString (1) printableString: Information Management Systems and Services RDNSequence item: 1 item (id-at-commonName=win-radius-srv1.ad.caltech.edu) RelativeDistinguishedName item (id-at-commonName=win-radius-srv1.ad.caltech.edu) Id: 2.5.4.3 (id-at-commonName) DirectoryString: printableString (1) printableString: win-radius-srv1.ad.caltech.edu subjectPublicKeyInfo algorithm (rsaEncryption) Algorithm Id: 1.2.840.113549.1.1.1 (rsaEncryption) Padding: 0 subjectPublicKey: 30818902818100e9c3b7b9306d54c1af1e0cd0b0bb735429... extensions: 4 items Extension (id-ce-extKeyUsage) Extension Id: 2.5.29.37 (id-ce-extKeyUsage) KeyPurposeIDs: 2 items KeyPurposeId: 1.3.6.1.5.5.7.3.1 (id-kp-serverAuth) KeyPurposeId: 1.3.6.1.5.5.7.3.2 (id-kp-clientAuth) Extension (id-ce-cRLDistributionPoints) Extension Id: 2.5.29.31 (id-ce-cRLDistributionPoints) CRLDistPointsSyntax: 1 item DistributionPoint distributionPoint: fullName (0) fullName: 1 item GeneralName: uniformResourceIdentifier (6) uniformResourceIdentifier: http://crl.thawte.com/ThawtePremiumServerCA.crl Extension (id-pe-authorityInfoAccessSyntax) Extension Id: 1.3.6.1.5.5.7.1.1 (id-pe-authorityInfoAccessSyntax) AuthorityInfoAccessSyntax: 1 item AccessDescription accessMethod: 1.3.6.1.5.5.7.48.1 (id-pkix.48.1) accessLocation: 6 uniformResourceIdentifier: http://ocsp.thawte.com Extension (id-ce-basicConstraints) Extension Id: 2.5.29.19 (id-ce-basicConstraints) critical: True BasicConstraintsSyntax algorithmIdentifier (shaWithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.5 (shaWithRSAEncryption) Padding: 0 encrypted: 673589effd6633aa6bfebee80e07860c21eb911c8f680fd2... TLSv1 Record Layer: Handshake Protocol: Server Key Exchange Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 397 Handshake Protocol: Server Key Exchange Handshake Type: Server Key Exchange (12) Length: 393 TLSv1 Record Layer: Handshake Protocol: Server Hello Done Content Type: Handshake (22) Version: TLS 1.0 (0x0301) Length: 4 Handshake Protocol: Server Hello Done Handshake Type: Server Hello Done (14) Length: 0 --------[libgnutls26-2.12-14-5ubuntu3 end]------