kolos_ws@ural2.hu wrote:

Hi Philippe,

Handshake Protocol: Server Hello
[...]
Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)

I don't see any DH here, so maybe that's not the problem.


I agree, it doesn't look like it's using DH. What would be interesting to 
see if you see a "Client key exchange" or a "Server key exchange" at the 
beginning of the SSL session in your capture when you look at it in 
Wireshark.

Also, you might want to use "-s 0" when running tcpdump, that just 
captures everything.

That's what I did initially, but the wiki of wireshark recommends -s 65535 .

I did several screenshots of my session, to show the different SSL packets. If anything explains why I can't decode it, that would be great. All are attached to this email (hoping the ML will let it through).

cheers,

Philippe