Wireshark mailing list archives

Re: Wireshark & SSL


From: "Laura Chappell" <lchappell () packet-level com>
Date: Wed, 18 Nov 2009 13:47:29 -0800

Hi Ron, 

 

I'm a bit late in responding, sorry - got hit with this flu going around -
ugh. Finding it exhausting trying to keep up with work and get enough sleep.


 

You have to have the keys to do the decode. Saw you posted to forum - good
idea.  

 

Laura

 

From: wireshark-users-bounces () wireshark org
[mailto:wireshark-users-bounces () wireshark org] On Behalf Of Ronald Nutter
Sent: Wednesday, November 18, 2009 9:10 AM
To: 'wireshark-users () wireshark org'
Subject: [Wireshark-users] Wireshark & SSL

 

I have a situation where I need to be able to capture and decode SSL traffic
between a server and a user.  After doing some searching via google, I think
I understand that I need to get the .der and .pem files and run openssl to
get the private key, plug that into wireshark in order to be able to decode
the ssl traffic.  If I am wrong, please correct me.

 

In the situations where I wont have access or be able to get the .der and
.pem files, is there a way that I can decode SSL traffic when I am the
endpoint (client) of a ssl communication with a server ?

 

Ron

 

Ronald Nutter
Network Engineer

HNTB Companies
715 Kirk Drive
Kansas City, Mo. 64105
816-527-2787

This e-mail and any files transmitted with it are confidential 
and are intended solely for the use of the individual or entity 
to whom they are addressed. 
 
If you are NOT the intended recipient or the person responsible for 
delivering the e-mail to the intended recipient, 
be advised that you have received this e-mail in error and that any use, 
dissemination, forwarding, printing or copying this e-mail is strictly
prohibited.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread: