This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Decode SSL transport with PEM file that has a passphase

0

I am trying to decode a PCAP file that has SSL transport. It has a PEM file with a passphase. Seems like that is a limitation that it doesn't work if the PEM has a passphase. Scenario: View -> Preferences -> SSL -> RSA keys list => add PEM file with pasephase

Any workaround how to remove passphase? Thanks

asked 01 Nov '15, 05:06

yoava's gravatar image

yoava
6224
accept rate: 0%

One Answer:

2

Given a PEM-encoded private key file (beginning with -----BEGIN ENCRYPTED PRIVATE KEY-----), you can remove the passphrase with the openssl program:

openssl rsa -in encrypted-key.pem  -out key.pem

The resulting key.pem file will then begin with -----BEGIN RSA PRIVATE KEY----- which is accepted by Wireshark.

answered 01 Nov '15, 05:53

Lekensteyn's gravatar image

Lekensteyn
2.2k3724
accept rate: 30%