This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Decryption of HTTPS Traffic

0

I have been trying to decrypt HTTPS Traffic between my server and client for couple of days. Version of Wireshark I have been using is Version 1.12.2 (v1.12.2-0-g898fa22 from master-1.12).

I have the private key from my server and did upload the same in Wireshark(Edit > Preferences and RSA Keys List.)

Even after sharing the private key of my server in wireshark, I'm unable to see decrypted data. Upon seeing my SSL debug logs, I could see these lines - ssl_decrypt_pre_master_secret wrong pre_master_secret length (256, expected 48) ssl_generate_pre_master_secret: can't decrypt pre master secret

Wondering same works fine between client and server, but when I try decrypt them using same private key of my server in Wireshark, it couldn't be decrypted.

Any pointer will be highly appreciated.

asked 18 Dec '14, 16:54

Chocka's gravatar image

Chocka
11112
accept rate: 0%

Please have a look at https://ask.wireshark.org/questions/38441/problem-with-decrypting-the-ssl-using-the-private-key. There are some requirements for decrypting traffic in Wireshark.

(19 Dec '14, 03:46) Uli

are you able to decrypt the sample capture files in the wiki (keys included)?

http://wiki.wireshark.org/SampleCaptures#SSL_with_decryption_keys

(27 Dec '14, 12:35) Kurt Knochner ♦