c# HTTPS initial request from browser to webserver encrypted?

Question

Hi,

I have made a simple local server that is listening on 127.0.0.10:443 for HTTPS request from my browser. I have not used the proxy settings, just the url https://127.0.0.10/ just to see the initial request from the browser and I get encrypted data like:

►?? ↑ / 5 ♣ ?C ?↑;`????D♣9?¶#F%??
?‼?¶? ?
2 8 ‼ ♦☺ ↓ ♣ ♣☺
♠ ♦ ↨ ↑ ♂ ☻☺


I have read up a "little" on SSL protocol and I thought the 1st request was to set a encryption key, then the data was encrypted! Or is it in some other format liek base64?

Thanks

Answer 1

Actually the first request is encrypted using the servers public key, so that only the server can decrypt it using its secret private key. see http://support.microsoft.com/kb/257591

Answer 2

You should see unencrypted Client & Server hello messages, as well as the unencrypted transmission of the server's public key leading up to the first packet delivering encrypted "application data."

Most of the data being transmitted as part of an SSL handshake is pure binary (although you'll see as few readable strings like the server name, and the Certificate's friendly name, issuer, and description. I recommend using a tool like wireshark to break it down.

What are you trying to do with this anyway? If you're trying to debug HTTPS application traffic, I recommend using the Charles Web Debugging Proxy: http://www.charlesproxy.com/. I've used it to reverse engineer a few web services that were only accessible via HTTPS. You could also try a packet sniffer that supports decrypting SSL traffic (such as wireshark), although that may require you to have the server's private key.