I have been trying to decrypt HTTPS traffic between my server and client for a couple of days. The version of Wireshark I have been using is Version 1.12.2 (v1.12.2-0-g898fa22 from master-1.12). I have the private key from my server and did upload the same in Wireshark (Edit > Preferences and RSA Keys List). Even after sharing the private key of my server in Wireshark, I'm unable to see decrypted data.

Upon seeing my SSL debug logs, I could see these lines -

    ssl_decrypt_pre_master_secret wrong pre_master_secret length (256, expected 48)
    ssl_generate_pre_master_secret: can't decrypt pre master secret

I am wondering why the same works fine between client and server, but when I try to decrypt them using the same private key of my server in Wireshark, they cannot be decrypted. Any pointer will be highly appreciated.

asked 18 Dec '14, 16:54 Chocka
Please have a look at https://ask.wireshark.org/questions/38441/problem-with-decrypting-the-ssl-using-the-private-key. There are some requirements for decrypting traffic in Wireshark.
Are you able to decrypt the sample capture files in the wiki (keys included)?