Wireshark mailing list archives

Re: certificates and HTTPS pdus


From: rouli <rouli.net () gmail com>
Date: Tue, 5 Jul 2011 09:09:11 +0300

You can use a proxy server (such as Charles Proxy, Burp or Fiddler) and
proxy the ssl traffic. Then, all you have to know is the proxy's private
key, which can usually set by you. Here's some instructions I've found a few
months ago on how to do this with Fiddler, but I must admit I haven't tried
them yet:
http://security14.blogspot.com/2010/07/how-to-use-fiddler-and-wireshark-to.html

One thing to remember - using a proxy server may change your application
behavior. For example, Firefox may only open up to six concurrent sockets
(instead of tens) when using a proxy. Sometimes, however, that's your only
option.


On Tue, Jul 5, 2011 at 4:19 AM, Andrej van der Zee <
andrejvanderzee () gmail com> wrote:

Thanks for your email.

You need the private key from the server ('PEM' format private key or a
PKCS#12 keystore.) as per http://wiki.wireshark.org/SSL

And I assume their is no way to obtain the server's private key
without contacting the server's system administrators and become
really good friends first ;)

Is there absolutely no way around this?

Cheers,
Andrej
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org
?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread: