Wireshark mailing list archives
Re: Extracting data from capture
From: Sake Blok <sake () euronet nl>
Date: Thu, 2 May 2013 13:31:46 +0200
Hi, I had a little trouble too, but google was a friend. As the certificate(s) are sent using SCEP, I looked up how SCEP transfers certificates and found out it is using pkcs7. Then the file is in DER form (as I could see several binary certificates in the exported HTTP object). Then openssl pkcs7 help did the rest. Here is how you can extract the certificates: openssl pkcs7 -inform DER -in <exported-http-object-filename> -print_certs Good luck! Sake On 2 mei 2013, at 09:11, radiatejava wrote:
Wireshark users, I have a packet capture in which there are http requests (over plain connection, not SSL) and their response. Response received is certificate or chain of certificates, possibly in binary data. It shows the content type of the object as 'application/x-x509-ca-ra-cert'. However, when I try to do 'ExportObjects' > HTTP and export the object, it exports fine but I am not able to view that certificate using any tool (like openssl or any other). I am suspecting wireshark is not exporting either fully or some issue. I have attached the file 20130417-213837_TCPDump.pcap here https://skydrive.live.com/?cid=90024b432de06aed&id=90024B432DE06AED!1107&authkey=!AG9x61vd9JLHYL0 Can someone tell me how do export the http response that has certificate so that I am view the certificate ? Appreciate the response here. Thanks/Satish. ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Extracting data from capture radiatejava (May 02)
- Re: Extracting data from capture Sake Blok (May 02)
- Re: Extracting data from capture radiatejava (May 02)
- Re: Extracting data from capture Sake Blok (May 03)
- Re: Extracting data from capture radiatejava (May 02)
- Re: Extracting data from capture Sake Blok (May 02)