This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I'm running Wireshark v2.2.0 in a Kali Linux VM. I have the SSLKEYLOGFILE environment variable set, so that SSL keys will be saved and Wireshark pointed to that file. I've got Chrome v55.0 installed in Kali also. This setup works and I'm able to capture sessions from SSL websites, store the SSL keys, view the decrypted packets and export HTTP objects. However, when I try this on Instagram the decryption fails. Everything seems to be working the same, i.e., SSL keys are being stored to the log file and the packets are being captured. But it doesn't show the "decrypted" tab for the packets and on the the export HTTP objects window, no objects are shown. Anyone got an idea how I can decrypt this session?

Thanks.

asked 28 Dec '16, 11:33

who_me's gravatar image

who_me
6113
accept rate: 0%


For SSL/TLS decryption, ensure that the full handshake is captured (clear browser cache).

For Export HTTP Objects, note that this is currently not supported for HTTP/2 (which is what Instagram seems to use).

permanent link

answered 31 Dec '16, 06:10

Lekensteyn's gravatar image

Lekensteyn
2.2k3724
accept rate: 30%

This fixed the SSL problem. Thanks!

(31 Dec '16, 08:23) who_me

Since the answer appears to have answered your question please be sure to Accept it (by checking on the checkmark next to it). See the FAQ.

(03 Jan '17, 14:50) JeffMorriss ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×56
×3

question asked: 28 Dec '16, 11:33

question was seen: 1,727 times

last updated: 03 Jan '17, 14:50

p​o​w​e​r​e​d by O​S​Q​A