On Mon, Apr 09, 2007 at 01:52:21PM -0400, Jeffrey Ross wrote: > ok, then I'm missing something or doing something wrong. The key that was > given to me was in PKCS#12 format and I was provided the password for the > key. I then used openssh to convert the key to RSA with the following > command (on a linux system - FC6): > > openssl pkcs12 -in ./privatekey.p12 -out outkey.pem -nodes -nocerts > > I was asked for the key password and entered it: > Enter Import Password: <password entered> > MAC verified OK > > I removed the data before the line that started "BEGIN RSA PRIVATE KEY" > and used the line in wireshark: > 10.1.0.3,443,http,d:\capture\outkey.pem > > Where 10.1.0.3 is the IP address of the server that I have the private key > for.
Sounds about right to me :) > So either I'm still doing something wrong or the administrator has > provided me with the incorrect key, possible but not likely. > > Any help would be appreciated... Could you enable ssl-debugging by entering a filename in the ssl-protocol-preferences at "SSL debug file"? Are there any clues in the debug-file? If you need help interpreting, could you send the debug-file to the list (or me)? Just some shortcomings of the decryption-capabilities: - SSLv2 is not supported - Cipher 0x39 (TLS_DHE_RSA_WITH_AES_256_CBC_SHA) is not supported by the libraries used by Wireshark and is used for example by firefox Cheers, Sake _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
