Hi, I am trying to decrypt SSL traffic in wireshark . I dont have server given private key but instead I am trying with SessionID and Master key. I have exported the key file under Edit->Preferences->Protocols->SSL -> (Pre)-Master-Secret log filename option. Still Wireshark is not able to decrypt SSL traffic. Need help on this. I am using wireshark 1.10.5. Below is the configuration I have used. Running openssl server on linux box. openssl client on windows xp. Using self signed certificate. Linux:openssl req -new -x509 -out server.cert -keyout server.pem ..... openssl s_server -www -cipher AES256-SHA -cert server.cert -key server.pem ...... Windows xp:openssl s_client -connect <ipaddress: 4443=""> ...... GET / HTTP/1.0 ....... Example session_key.key file RSA Session-ID:0E1A3AAD99A68936E242D4BB2A2F66197F466FD7883D5AA604B9EF5EFC6EF5EE Master-Key:8186F7C4137167EFD92298F01FC07C0236DDC016BD1C3B559F17C87F63270945C975B37CBE24D29A44B0ED9643D59D1F Appreciate any help. Thanks asked 17 Jan '14, 02:30  Phani |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
Still having this problem with Wireshark 1.11.x or 1.12.x?