While capturing the traffic using Wireshark, it captures only the traffic between the Client & the DNS server. We want to capture the traffic between the Client and the actual application server. In addition to that, the application we are trying to capture is SSL, in this case, we need to provide the certificate of the application server or the DNS server. I'm confused. asked 08 Jan '13, 21:16 madan |
One Answer:
Where did you capture? At the client? On the client? On the DNS server? Sounds like you were capturing at a spot where you only see the DNS communication, so maybe your capture setup wasn't good enough. Or maybe you had a capture filter set on your network card. If you need to decode SSL you need the private key of the application server (or the session key). The DNS server has nothing to do with the SSL session. answered 10 Jan '13, 13:18 Jasper ♦♦ |