Wireshark mailing list archives
Re: Wireshark & SSL
From: Sake Blok <sake () euronet nl>
Date: Wed, 18 Nov 2009 18:48:15 +0100
On Wed, Nov 18, 2009 at 11:10:13AM -0600, Ronald Nutter wrote:
I have a situation where I need to be able to capture and decode SSL traffic between a server and a user. After doing some searching via google, I think I understand that I need to get the .der and .pem files and run openssl to get the private key, plug that into wireshark in order to be able to decode the ssl traffic. If I am wrong, please correct me.
Almost correct, you would need *either* the DER *or* the PEM formatted private key that matches the certificate on the server. This private key can be found on the server and if it is not in PEM format, you can use openssl to convert it to PEM format (with no passphrase).
In the situations where I wont have access or be able to get the .der and .pem files, is there a way that I can decode SSL traffic when I am the endpoint (client) of a ssl communication with a server ?
Then network traces won't help you (luckily). What you could do is use Firefox with the httpfox plugin. It won't give you decrypted network traffic, but it does give you all the objects of the page in decrypted form (as it sits between the SSL decrypter and the page renderer). If you combine this with a network trace with the encrypted traffic, you have quite a good view on what's happening... Hope this helps, Cheers, Sake PS For IE, there is httpwatch, which is what httpfox is trying to mimic, but it needs a license. ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Wireshark & SSL Ronald Nutter (Nov 18)
- Re: Wireshark & SSL Sake Blok (Nov 18)
- Re: Wireshark & SSL DePriest, Jason R. (Nov 18)
- Re: Wireshark & SSL Laura Chappell (Nov 19)
- Re: Wireshark & SSL Sake Blok (Nov 18)