This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

link text

i try it on the windows TShark (Wireshark) 1.99.9 (v1.99.9-0-g52a4a78 from master) no wireshark_ssl found and any pem file....

i want on centos decrypt ssl use by tshark.how?

asked 07 Sep '15, 00:57

zhylninc's gravatar image

zhylninc
6112
accept rate: 0%


Please take a look at the Wiki:

https://wiki.wireshark.org/SSL#Wireshark

If you search for "tshark", you'll find the following.

# tshark commands
tshark -o "ssl.desegment_ssl_records: TRUE" -o "ssl.desegment_ssl_application_data: TRUE" -o "ssl.keys_list: 127.0.0.1,4443,http,/home/dirkx/xx/privkey.pem" -o "ssl.debug_file: /home/dirkx/.wireshark-log" -i eth0 -R "tcp.port == 4443"

So, if that does not work for you, please post the full tshark command you were running and the full error message printed by tshark.

Regards
Kurt

permanent link

answered 07 Sep '15, 16:33

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×832
×15

question asked: 07 Sep '15, 00:57

question was seen: 1,515 times

last updated: 07 Sep '15, 16:33

p​o​w​e​r​e​d by O​S​Q​A