Re: The SSL tcp stream decoding in Users' Manual?

[Jeff Morriss <jeff.morriss.ws () gmail com>]

On 09/23/15 12:33, miro.rovis () croatiafidelis hr wrote:
> On 150923-13:17+0200, miro.rovis () croatiafidelis hr wrote:
> > In simple search, currently, if you open:
> >
> > https://www.wireshark.org/docs/wsug_html/
> >
> > and search the text for 'XXX', then (again: currently) the first
> > instance you encounter is:
> >
> > Follow SSL Stream | Same functionality as “Follow TCP Stream” but for
> > SSL streams. XXX - how to provide the SSL keys?
> >
> > Will there be that, in those docs, or is it in some other docs, and where in
> > the world of the [F]ree [O]pen [S]ource [S]oftware, to which the
> > Wireshark program belongs...
> >
> > Will there be that arcane knowledge, or, kind readers from anywhere who
> > are reading this, if it is somewhere else, pls. tell us!
> >
> > It's the piece of mosaic that, missing as it is, huge pictures in my
> > dumps just can not be put together, as in so many other users dumps...
> >
> > Regards!
> > --
> > Miroslav Rovis
> > Zagreb, Croatia
> > http://www.CroatiaFidelis.hr
>
> I'm asking about this issue on Gentoo Forums too.
>
> TLS (SSL) tcp stream decoding in your traffic dumps?
> https://forums.gentoo.org/viewtopic-t-1029408.html

So you just want to decrypt the SSL [so you can eventually follow the 
decrypted stream], right?  The wiki's got good documentation on how to 
do that:

https://wiki.wireshark.org/SSL

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org?subject=unsubscribe