[TLS] Certificate Unknown

"Stephen Corcoran" <stephen.corcoran@anam.com> Wed, 03 May 2006 10:33 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FbEfl-0000GJ-3h; Wed, 03 May 2006 06:33:33 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FbEfj-0000GB-JU for tls@lists.ietf.org; Wed, 03 May 2006 06:33:31 -0400
Received: from [193.120.124.138] (helo=mail.anam.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FbEfi-0000xX-JX for tls@lists.ietf.org; Wed, 03 May 2006 06:33:31 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Wed, 3 May 2006 11:33:26 +0100
Message-ID: <F808656A265C82458A21CCA505A2B12E0169A480@MACKEN.anam.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Certificate Unknown
thread-index: AcZunQMmgsFyJjGBQfeSZsPBqE4xDg==
From: "Stephen Corcoran" <stephen.corcoran@anam.com>
To: <tls@lists.ietf.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d01c7b9466fe967a5df27b46fdb03146
Cc: Conor Murphy <conor.murphy@anam.com>
Subject: [TLS] Certificate Unknown
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============0404722997=="
Errors-To: tls-bounces@lists.ietf.org

Hi All,

 

When I run ethereal trace on our ssl port 443 we receive the following
TLS alert over an over .

 

Our platform - 172.24.52.4

 

The  address 193.113.37.7  is a proxy server.

 

How do I stop the  " TLS Alert (Level: Fatal, Description: Certificate
Unknown) " warning ?

 

Any help much appreciated

 

 

tethereal -R "tcp.port == 443"    

 

3.415589 193.113.37.7 -> 172.24.52.4  SSLv2 Client Hello

  3.416193  172.24.52.4 -> 193.113.37.7 TLS Server Hello, Certificate,
Server Hello Done

  3.433146 193.113.37.7 -> 172.24.52.4  TCP 33136 > 443 [ACK] Seq=101
Ack=1274 Win=24820 Len=0

  3.455153 193.113.48.7 -> 172.24.52.4  TCP 51983 > 443 [SYN] Seq=0
Ack=0 Win=24820 Len=0 MSS=1460

  3.455433  172.24.52.4 -> 193.113.48.7 TCP 443 > 51983 [SYN, ACK] Seq=0
Ack=1 Win=32768 Len=0 MSS=1460

  3.459320 193.113.37.7 -> 172.24.52.4  TLS Alert (Level: Fatal,
Description: Certificate Unknown)

  3.459727  172.24.52.4 -> 193.113.37.7 TCP 443 > 33136 [FIN, ACK]
Seq=1274 Ack=108 Win=32768 Len=0

  3.463295 193.113.48.7 -> 172.24.52.4  TCP 51983 > 443 [ACK] Seq=1
Ack=1 Win=24820 Len=0

  3.472032 193.113.37.7 -> 172.24.52.4  TCP 33136 > 443 [ACK] Seq=108
Ack=1275 Win=24820 Len=0

  3.472293 193.113.37.7 -> 172.24.52.4  TCP 33136 > 443 [FIN, ACK]
Seq=108 Ack=1275 Win=24820 Len=0

  3.472385  172.24.52.4 -> 193.113.37.7 TCP 443 > 33136 [ACK] Seq=1275
Ack=109 Win=32768 Len=0

  3.483303 193.113.48.7 -> 172.24.52.4  SSLv2 Client Hello

  3.483813  172.24.52.4 -> 193.113.48.7 TLS Server Hello, Certificate,
Server Hello Done

  3.494287 193.113.37.7 -> 172.24.52.4  TCP 33150 > 443 [SYN] Seq=0
Ack=0 Win=24820 Len=0 MSS=1460

  3.494564  172.24.52.4 -> 193.113.37.7 TCP 443 > 33150 [SYN, ACK] Seq=0
Ack=1 Win=32768 Len=0 MSS=1460

  3.499953 193.113.48.7 -> 172.24.52.4  TCP 51983 > 443 [ACK] Seq=101
Ack=1274 Win=24820 Len=0

  3.503798 193.113.37.7 -> 172.24.52.4  TCP 33150 > 443 [ACK] Seq=1
Ack=1 Win=24820 Len=0

  3.524528 193.113.48.7 -> 172.24.52.4  TLS Alert (Level: Fatal,
Description: Certificate Unknown)

  3.524914  172.24.52.4 -> 193.113.48.7 TCP 443 > 51983 [FIN, ACK]
Seq=1274 Ack=108 Win=32768 Len=0

  3.533605 193.113.37.7 -> 172.24.52.4  SSLv2 Client Hello

  3.534025 193.113.48.7 -> 172.24.52.4  TCP 51983 > 443 [ACK] Seq=108
Ack=1275 Win=24820 Len=0

  3.534343  172.24.52.4 -> 193.113.37.7 TLS Server Hello, Certificate,
Server Hello Done

  3.542732 193.113.48.7 -> 172.24.52.4  TCP 51983 > 443 [FIN, ACK]
Seq=108 Ack=1275 Win=24820 Len=0

  3.542829  172.24.52.4 -> 193.113.48.7 TCP 443 > 51983 [ACK] Seq=1275
Ack=109 Win=32768 Len=0

  3.549016 193.113.48.7 -> 172.24.52.4  TCP 51999 > 443 [SYN] Seq=0
Ack=0 Win=24820 Len=0 MSS=1460

  3.549284  172.24.52.4 -> 193.113.48.7 TCP 443 > 51999 [SYN, ACK] Seq=0
Ack=1 Win=32768 Len=0 MSS=1460

  3.551178 193.113.37.7 -> 172.24.52.4  TCP 33150 > 443 [ACK] Seq=101
Ack=1274 Win=24820 Len=0

  3.557709 193.113.48.7 -> 172.24.52.4  TCP 51999 > 443 [ACK] Seq=1
Ack=1 Win=24820 Len=0

  3.576305 193.113.48.7 -> 172.24.52.4  SSLv2 Client Hello

  3.576801  172.24.52.4 -> 193.113.48.7 TLS Server Hello, Certificate,
Server Hello Done

  3.579662 193.113.37.7 -> 172.24.52.4  TLS Alert (Level: Fatal,
Description: Certificate Unknown)

  3.580041  172.24.52.4 -> 193.113.37.7 TCP 443 > 33150 [FIN, ACK]
Seq=1274 Ack=108 Win=32768 Len=0

  3.593021 193.113.48.7 -> 172.24.52.4  TCP 51999 > 443 [ACK] Seq=101
Ack=1274 Win=24820 Len=0

  3.593379 193.113.37.7 -> 172.24.52.4  TCP 33150 > 443 [ACK] Seq=108
Ack=1275 Win=24820 Len=0

  3.594083 193.113.37.7 -> 172.24.52.4  TCP 33150 > 443 [FIN, ACK]
Seq=108 Ack=1275 Win=24820 Len=0

  3.594186  172.24.52.4 -> 193.113.37.7 TCP 443 > 33150 [ACK] Seq=1275
Ack=109 Win=32768 Len=0

  3.612595 193.113.48.7 -> 172.24.52.4  TLS Alert (Level: Fatal,
Description: Certificate Unknown)

  3.612999  172.24.52.4 -> 193.113.48.7 TCP 443 > 51999 [FIN, ACK]
Seq=1274 Ack=108 Win=32768 Len=0

  3.621631 193.113.48.7 -> 172.24.52.4  TCP 51999 > 443 [ACK] Seq=108
Ack=1275 Win=24820 Len=0

  3.621906 193.113.48.7 -> 172.24.52.4  TCP 51999 > 443 [FIN, ACK]
Seq=108 Ack=1275 Win=24820 Len=0

  3.621999  172.24.52.4 -> 193.113.48.7 TCP 443 > 51999 [ACK] Seq=1275
Ack=109 Win=32768 Len=0

  3.638459 193.113.48.7 -> 172.24.52.4  TCP 52013 > 443 [SYN] Seq=0
Ack=0 Win=24820 Len=0 MSS=1460

  3.638745  172.24.52.4 -> 193.113.48.7 TCP 443 > 52013 [SYN, ACK] Seq=0
Ack=1 Win=32768 Len=0 MSS=1460

  3.646542 193.113.48.7 -> 172.24.52.4  TCP 52013 > 443 [ACK] Seq=1
Ack=1 Win=24820 Len=0

  3.668297 193.113.48.7 -> 172.24.52.4  SSLv2 Client Hello

  3.668821  172.24.52.4 -> 193.113.48.7 TLS Server Hello, Certificate,
Server Hello Done

  3.684799 193.113.48.7 -> 172.24.52.4  TCP 52013 > 443 [ACK] Seq=101
Ack=1274 Win=24820 Len=0

  3.702860 193.113.48.7 -> 172.24.52.4  TLS Alert (Level: Fatal,
Description: Certificate Unknown)

  3.703250  172.24.52.4 -> 193.113.48.7 TCP 443 > 52013 [FIN, ACK]
Seq=1274 Ack=108 Win=32768 Len=0

  3.712084 193.113.48.7 -> 172.24.52.4  TCP 52013 > 443 [ACK] Seq=108
Ack=1275 Win=24820 Len=0

  3.712346 193.113.48.7 -> 172.24.52.4  TCP 52013 > 443 [FIN, ACK]
Seq=108 Ack=1275 Win=24820 Len=0

  3.712439  172.24.52.4 -> 193.113.48.7 TCP 443 > 52013 [ACK] Seq=1275
Ack=109 Win=32768 Len=0

 

Kind Regards

Steve

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls