In this video we'll be covering how to troubleshoot some common TLS handshake problems using Wireshark. We'll review what a healthy handshake looks like, then dive into three failure scenarios:

1 - The target server is not running TLS on the specified port
2 - The target server does not accept the client's TLS version or cipher list
3 - The client does not accept the server's TLS certificate

Additional resources:

https://tls.ulfheim.net/ - An illustrated step-by-step guide to the TLS 1.2 handshake

https://tools.ietf.org/html/rfc5246 - TLS1.2 RFC (Request for Comments)

https://www.ssllabs.com/ssltest/ - Tool for testing public-facing TLS servers

https://badssl.com - Site featuring various misconfigured SSL pages, useful for testing