This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I'm tracing three IP addresses. Address A and Address B communicate with each other using HTTPS. Address C and B communicate with each other using raw packets that are encrypted using the same certificate as the other two. Address A and C are servers. My question is, when I configure Wireshark for SSL packets using the "SSL Decrypt Edit" form, what do I enter in the "protocol" field to trace hex data?

asked 14 Sep '12, 16:28

tcoder's gravatar image

tcoder
0568
accept rate: 0%


You can enter "data" as protocol, this will make Wireshark not interpret the decrypted data as any protocol, but it will just be shown as "data".

permanent link

answered 14 Sep '12, 23:46

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

Thanks! Just what I needed.

(16 Sep '12, 12:00) tcoder
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×319
×124
×122
×23

question asked: 14 Sep '12, 16:28

question was seen: 3,371 times

last updated: 16 Sep '12, 12:00

p​o​w​e​r​e​d by O​S​Q​A