Encrypted Alert in sniffer trace

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Encrypted Alert in sniffer trace


Hi –


I have a simple TLS client with OpenSSL. It works fine but one oddity…

When all is completed I call SSL_shutdown(ssl). At that point I see in the sniffer trace an Encryption Alert


I read response from server -- SSL_read(ssl, buff2, sizeof(buff2) - 1);

https > 1154 [FIN, ACK]

1154 > https [ACK]


Then I call SSL_shutdown(ssl); and my client sends: TLS Encrypted Alert:

Frame 13 (83 bytes on wire, 83 bytes captured)

Ethernet II, Src: …, Dst: …

Internet Protocol, Src: (, Dst: …

Transmission Control Protocol, Src Port: 1154 (1154), Dst Port: https (443), Seq: 483, Ack: 1891, Len: 29

Secure Socket Layer

    TLS Record Layer: Encrypted Alert

        Content Type: Alert (21)

        Version: TLS 1.0 (0x0301)

        Length: 24

        Alert Message: Encrypted Alert


Then I get..

https > 1154 [ACK]

https > 1154 [RST, ACK]


All seems OK and the client works fine but I do not know why I get the alert?


Thank you!