This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

SSL \ TLS Decryption

Hi, I have a question, do I need to export the personal key in the server, I mean mmc -> certificates -> personal?

tls ssl decryption

asked 31 May '16, 16:35

ogoname
11●3●3●4
accept rate: 0%

converted 01 Jun '16, 01:59

grahamb ♦
19.8k●3●30●206

Your comment has been converted to a new question as that's how this site works. Please read the FAQ for more information.

(01 Jun '16, 02:00) grahamb ♦

One Answer:

Do the instructions on the Wiki SSL page help?

Basically, yes, you must extract the key from wherever it resides into a format that Wireshark can handle, usually a PEM file. For Windows, you'll need to install openssl to do this, export the certificate with the private key to a .pfx file (PKCS #12), and then use the openssl pkcs12 command given on the SSL page to extract the key. Windows will force you to protect the key in the .pfx file with a password, that should be given to openssl when it asks for it.

answered 01 Jun '16, 02:11

grahamb ♦
19.8k●3●30●206
accept rate: 22%