Wireshark mailing list archives

PCAP seem buggy in Wireshark 1.6.2 while seem fine with 1.2 version


From: P R <memyselfandjava () gmail com>
Date: Wed, 11 Jan 2012 23:26:13 -0600

Hello:

I'm a newbie to Wireshark and hence my early apology for a rudimentary
question.

I had to troubleshoot an SSL handshake recently and hence requested a
snoop to be taken on the server side from my client. I opened the PCAP
snoop in 1.6.2 version and decoded the packets as SSL. The result I see in
Wireshark 1.6.2 was entirely different from what my client was seeing. He
uses 1.2 to view the same trace and the SSL handshake seems to be very
obvious in the older version. Even the tcp.stream was different between the 2
versions of the same trace. In the new version, I get "Ignored unknown
record" while the older version clearly shows the client hello, server
hello and the certificate being exchanged from the server to the client.

Is switching to an older version of Wireshark my only option? Or is
there a configuration that I can tweak to get this to work in my newer
version?

Appreciate any response.

-- 
/PR
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>