This is a multi-part message in MIME format. --------------070504080304040006030107 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit
That's what I did initially, but the wiki of wireshark recommends -s 65535 .Hi Philippe,Handshake Protocol: Server Hello [...] Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) I don't see any DH here, so maybe that's not the problem.I agree, it doesn't look like it's using DH. What would be interesting to see if you see a "Client key exchange" or a "Server key exchange" at the beginning of the SSL session in your capture when you look at it in Wireshark. Also, you might want to use "-s 0" when running tcpdump, that just captures everything.