Wireshark mailing list archives
Re: Extracting SSL certificate from SSL handshake
From: Sake Blok <sake () euronet nl>
Date: Wed, 19 Oct 2011 00:32:40 +0200
On 18 okt 2011, at 20:16, Robert Kochem wrote:
I am trying to extract the public certificate presented in the "Server Hello" message of an SSL handshake.
That's quite easy actually...
The SSL dissector highlights the certificate in the data stream but it seems not to be possible to do something else than just look at the data. Why is it not possible to do anything with the data in that window?
... you might want to refrain from limiting yourself with premature conclusions ;-) To extract a certificate, select the packet that contains the (reassembled) SSL Handshake message "Certificate". Expand the Certificates until you have list of Length and Certificate lines. Right click on the cetificate that you want to extract and choose for "Export Selected Bytes". It will save the certificate in DER format to the file you specify. Hope this helps, Cheers, Sake ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Extracting SSL certificate from SSL handshake Robert Kochem (Oct 18)
- Re: Extracting SSL certificate from SSL handshake firstname lastname (Oct 18)
- Re: Extracting SSL certificate from SSL handshake Sake Blok (Oct 18)
- Re: Extracting SSL certificate from SSL handshake Robert Kochem (Oct 18)
- Re: Extracting SSL certificate from SSL handshake Sake Blok (Oct 19)
- Re: Extracting SSL certificate from SSL handshake Robert Kochem (Oct 18)