This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I have a PCAP of TLSv1.2 traffic that I am attempting to decrypt. Since I have access to the server, I was able to copy it's private key. I would like to ask what should I do know to be able to decrypt this traffic. I did add the key to the properties page for the SSL protocol under the key section. The election that I provided was the server IP address, port 443 and protocol http with the link to the location of the .key file. After doing this I saved it and returned to the data and proceeded to follow the stream but to no avail since the data did not decrypt. Is there something that I am missing. Should I be using a file with a different extension??

Any assistance would be greatly appreciated.

Thank you Jesus

asked 25 Jan '17, 20:43

jdpadro's gravatar image

jdpadro
6223
accept rate: 0%

you should create the log file and post it here as that would help everyone to understand whats going on. In the SSL protocol preferences, there is a field where you can specify where to save the log file.

(26 Jan '17, 22:34) koundi
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×319
×62
×10

question asked: 25 Jan '17, 20:43

question was seen: 4,363 times

last updated: 26 Jan '17, 22:34

p​o​w​e​r​e​d by O​S​Q​A