Browsed by
Category: IIS

TLS Extended Master Secret, Breaking SSL Proxies ?>

TLS Extended Master Secret, Breaking SSL Proxies

SSL Proxy Failing To Decrypt The Handshake, Fixing Connection Reset Issue in New Browsers There was a new update couple of months ago affecting web servers and web browsers introducing a new TLS extension (Extended master secret) that changes the way master_secret is generated. This update broke the devices that were doing SSL inspection or proxy because they wouldn’t be able to decrypt the handshake and ultimately would reset the connection. In this post we’re going discuss the issue and…

Read More Read More

Client Certificate Authentication in SSL/TLS and its interaction with Web Application Firewalls ?>

Client Certificate Authentication in SSL/TLS and its interaction with Web Application Firewalls

In a previous blog post I discussed about Client Certificate Authentication and possible implementation methods. In this post I’m going to delve deep into TLS protocol implementation, specifically the Client Certificate part. During the setup of Client Certificate Authentication on a web application I faced various issues and when a piece of technology is just a black box in your view, there’s not much tuning or debugging that can take place when things stop working. So I spent a handful…

Read More Read More