Closed fmaacmab closed 5 years ago
This may be related with OpenSSL 1.1.1 (see the comments on issue #242). But I couldn't test it, because I guess you have replaced the actual url with company.net in the debug output, am I right? (My DNS server gives me a different IP for company.net, which goes to sedoparking.com anyway.) If so, can you send me the actual url so I can test with LibreSSL at least?
Hi, thank you very much for your reply!
While I cannot disclose the actual name/IP needed by the locally installed app (NDA related), I get the same behavior when using Google https://www.google.com:443 in any locally installed browsers Windows client, in my case I tested chrome and edge.
Thank you again for taking the time to reply!
If google.com causes the same error, then I am almost certain that it is due to OpenSSL 1.1.1. Can you downgrade OpenSSL to, say, 1.1.0 to see if that will fix it? I hope you are able downgrade OpenSSL, if this is urgent for you.
Thank you, I will try a downgrade ASAP. Meanwhile, your LibreSSL comment made me curious, if you have some time and it's not too much trouble can you perhaps give it a try and test it with LibreSSL?
Thanks!
Hi, even after the downgrade I still get the same error. But at this point I don't think it's sslsplit the problem.
Thanks for all your help!
Duplicate of #248
Hi,
Straightforward brand new set up Windows 10 client using a gateway to a kali mitm traffic flow is fine to/fro client to the Internet via kali
I get
loading src server certificate failed
on port 443 (if (SSL_CTX_use_certificate(sslctx, crt) != 1)
). Same behavior if using chrome browser or edge browser on the client, also same behavior when request comes from a locally installed app that attempts authentication to a remote server via port 443I used https://blog.heckel.xyz/2013/08/04/use-sslsplit-to-transparently-sniff-tls-ssl-connections/ for basic configuration. The sslsplit certificate is installed in
trusted root certification authorities
on Windows clientPlease let me know.
Thanks!
ca_crt.txt iptables_rules.txt openssl_version.txt sslsplit_command.txt sslsplit_debug_output.txt sslsplit_V.txt uname_a.txt
ca.key.txt