My server is running on localhost:4443, with HTTP2 support. I followed the instruction in https://wiki.wireshark.org/SSL, but still can't decode SSL packets.
Here's first few lines of log file
Wireshark version: 2.2.0 (v2.2.0-0-g5368c50 from master-2.2)
GnuTLS version: 2.12.19
Libgcrypt version: 1.5.0
KeyID[20]:
| 04 a1 5f 0f 46 4f 3b 09 5e 8d c0 58 23 cc e7 3a |.._.FO;.^..X#..:|
| 6c ea 49 ff |l.I. |
ssl_load_key: swapping p and q parameters and recomputing u
ssl_init private key file /Users/laike9m/Dev/HTTP2/h2-playground/server.key successfully loaded.
ssl_init port '4443' filename '/Users/laike9m/Dev/HTTP2/h2-playground/server.key' password(only for p12 file) ''
association_add ssl.port port 4443 handle 0x11d0a4f00
dissect_ssl enter frame #13 (first time)
packet_from_server: is from server - FALSE
conversation = 0x12042f000, ssl_session = 0x12042fbe0
record: offset = 0, reported_length_remaining = 517
dissect_ssl3_record: content_type 22 Handshake
Calculating hash with offset 5 512
decrypt_ssl3_record: app_data len 512, ssl state 0x00
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 508 bytes, remaining 517
ssl_dissect_hnd_hello_common found CLIENT RANDOM -> state 0x01
Here’s my settings: http://postimg.org/image/48r95uo09/ (not enough karma to upload here)
Here’s the result: http://postimg.org/image/a413xkdv1/
Thank you.
asked 19 Sep ‘16, 18:14
laike9m
11●2●3●7
accept rate: 0%
What cipher is in use? You cannot use RSA private keys to decrypt sessions using (EC)DHE cipher suites.