This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I have been trying to decrypt HTTPS Traffic between my server and client for couple of days. Version of Wireshark I have been using is Version 1.12.2 (v1.12.2-0-g898fa22 from master-1.12).

I have the private key from my server and did upload the same in Wireshark(Edit > Preferences and RSA Keys List.)

Even after sharing the private key of my server in wireshark, I'm unable to see decrypted data. Upon seeing my SSL debug logs, I could see these lines - ssl_decrypt_pre_master_secret wrong pre_master_secret length (256, expected 48) ssl_generate_pre_master_secret: can't decrypt pre master secret

Wondering same works fine between client and server, but when I try decrypt them using same private key of my server in Wireshark, it couldn't be decrypted.

Any pointer will be highly appreciated.

asked 18 Dec '14, 16:54

Chocka's gravatar image

Chocka
11112
accept rate: 0%

Please have a look at https://ask.wireshark.org/questions/38441/problem-with-decrypting-the-ssl-using-the-private-key. There are some requirements for decrypting traffic in Wireshark.

(19 Dec '14, 03:46) Uli

are you able to decrypt the sample capture files in the wiki (keys included)?

http://wiki.wireshark.org/SampleCaptures#SSL_with_decryption_keys

(27 Dec '14, 12:35) Kurt Knochner ♦
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×165
×69

question asked: 18 Dec '14, 16:54

question was seen: 2,356 times

last updated: 27 Dec '14, 12:35

p​o​w​e​r​e​d by O​S​Q​A