This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Https traffic can not be decrypted

0

Hi, I'm sorry , my English is not good defense . I have a problem in decoding htpps pages. I have tested the following page . http://www.foteviken.de/?p=2227 I have the address 78.47.216.236 , port 443 and http protocol , key file in text format . ( Key File is https://test.foteviken.de/ on the test page)
The log file is plain text , which is not any but . The plaintext is still encrypted. What am I doing wrong ? Can Wiresahrk ever decrypt https traffic?

My system : Win 8.1, Wireshark 1.12.3 , Firefox 35.0.1

... With a man in the middle proxy test page can be decrypted.

asked 05 Feb '15, 00:56

melli's gravatar image

melli
6112
accept rate: 0%

umm the cipher being used is tls_dhe_rsa which according to my research wireshark doesnt support(?) in your https data..U can check in server hello for the cipher suite..It must be tls_rsa_some_algo.I think thats the problem.

(05 Feb '15, 06:22) koundi

Thank you for your quick response. The Diffie-Hellman algorithm can not Wireshark I know. But I have my browser (Firefox) in the about: config set all ... ssl3.dhe_rsa_ .... to false.

Still do not understand why this does not work.

(05 Feb '15, 10:53) melli

so in wireshark capture what is the cipher suite that is being displayed in the server hello?? if it is tls_rsa only then it can be done...because when i tried doing the same thing from my pc ..my wireshark capture server hello had dhe_rsa as the cipher suite!!

(10 Feb '15, 02:16) koundi