Re: SSL decode "can't decrypt pre master secret"

[Graham Bloice <graham.bloice () trihedral com>]

Clinton James wrote:
> Sake Blok wrote:
>   
> > On Wed, Nov 18, 2009 at 12:49:03PM -0600, Clinton James wrote:
> >     
> > > Sake Blok wrote:
> > >       
> > > > On Tue, Nov 17, 2009 at 07:50:11AM -0600, Clinton James wrote:
> > > >         
> > > > > I can't seem to decrypt an exchange.  Google doesn't seem to give me
> > > > > much either.  I hoping someone can point me in the right direction.
> > > > > My client app is contacting the server WWW.XXX.YYY.ZZZ via https.
> > > > > [...]
> > > > > ce 7a 51 81 ff b6 d7 79 eb 8c 2c d5 5e 38 63 f8
> > > > > ssl_decrypt_pre_master_secret wrong pre_master_secret length (128,
> > > > > expected 48)
> > > > > dissect_ssl3_handshake can't decrypt pre master secret
> > > > >           
> > > > Are you sure the private key is the right one for the certificate
> > > > offered by site WWW.XXX.YYY.ZZZ?
> > > >         
> > > It is the same key I am using to establish the SSL connection to the
> > > server.  By a google search, I saw someone else say that transposing the
> > > IP in the SSL preference helped.  I have tried both and can't get it to
> > > decode.
> > >       
> > Ah... there is your problem. You need the *server* key, not the *client*
> > key, as it is not used for generating the session keys.
> >     
>
> So there is no way to decode an SSL session from the client side?
>   
Fiddler?  http://www.fiddler2.com/fiddler2/

-- 
Regards,

Graham Bloice

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe