Re: 256 pre master encrypted key

[Sake Blok <sake () euronet nl>]

On 11 mrt 2010, at 16:24, junk () nofan com wrote:

> I've watch you presentation and it was very interesting but in my
> situation I have a signer certificate (which is shown in the server hello
> packet with a common name of TEST) which is stored in my computer and
> issued by the server and only personal certificate (common name=HOD) with
> private keys stored in my computer.
>
> I extracted the private keys from the personal certificate and it seemed
> it didn't match.

To be able to decrypt SSL traffic with Wireshark, you need to have the private key of the certificate that is presented 
in the Certificate message (which is being sent after the ServerHello). In your case this would be the private key of 
the certificate with the common name of TEST. This private key is stored on the server that you make a connection to.

> I am managing certificates with IBM ikeyman I think it's a bit confusing
> to me !!!

I have not used IBM ikeyman, so I can't help you there unfortunately...

Cheers,


Sake

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe