Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Wireshark-users: Re: [Wireshark-users] wireshark ssl decryption for dummies

Date Index Thread Index Other Months All Mailing Lists

Date Prev Date Next Thread Prev Thread Next

From: Andrew Schweitzer <a.schweitzer.grps@xxxxxxxxx>
Date: Tue, 12 Sep 2006 23:03:13 -0400

ronnie sahlberg wrote:

can you try to put the key file in the same directory as the trace
and specify the key file without a path :
127.0.0.1 <http://127.0.0.1/>,3700,data,server.key

log file says:

association_remove_handle removing ptr 0496FED0 handle 0293D878
association_remove_handle removing ptr 04970368 handle 0293A138
association_remove_handle removing ptr 0496C350 handle 02920F88
association_remove_handle removing ptr 04970380 handle 02A78A40
ssl_init keys string 127.0.0.1,3700,data,e:\ethercap\server.key
ssl_init found host entry 127.0.0.1,3700,data,e:\ethercap\server.key
ssl_init addr 127.0.0.1 port 3700 filename e:\ethercap\server.key
ssl_get_version: 1.5.0
ssl_init private key file e:\ethercap\server.key successfully loaded
association_add port 3700 protocol data handle 02758DD0
association_add port 443 protocol http handle 0293D878
association_add port 636 protocol ldap handle 0293A138
association_add port 993 protocol imap handle 02920F88
association_add port 995 protocol pop handle 02A78A40
ssl_session_init: initializing ptr 04F63300 size 568
association_find: port 3700 found 04B262B0
packet_from_server: is from server 1
dissect_ssl server 11.38.144.142:3700
dissect_ssl can't find private key for this server!
dissect_ssl3_record: content_type 23
association_find: port 3700 found 04B262B0
dissect_ssl3_record: content_type 23
association_find: port 3700 found 04B262B0
ssl_session_init: initializing ptr 04F61978 size 568
association_find: port 1032 found 00000000
packet_from_server: is from server 0
dissect_ssl server 11.38.144.142:3700
dissect_ssl can't find private key for this server!
dissect_ssl3_record: content_type 22

dissect_ssl3_handshake iteration 1 type 1 offset 5 lenght 43 bytes,remaning 52

dissect_ssl3_record: content_type 22

dissect_ssl3_handshake iteration 1 type 2 offset 5 lenght 70 bytes,remaning 79

dissect_ssl3_record: content_type 22

Follow-Ups:
- Re: [Wireshark-users] wireshark ssl decryption for dummies
  - From: authesserre samuel

References:
- [Wireshark-users] wireshark ssl decryption for dummies
  - From: Andrew Schweitzer
- Re: [Wireshark-users] wireshark ssl decryption for dummies
  - From: ronnie sahlberg
- Re: [Wireshark-users] wireshark ssl decryption for dummies
  - From: Andrew Schweitzer
- Re: [Wireshark-users] wireshark ssl decryption for dummies
  - From: Andrew Schweitzer
- Re: [Wireshark-users] wireshark ssl decryption for dummies
  - From: ronnie sahlberg

Prev by Date: Re: [Wireshark-users] wireshark ssl decryption for dummies
Next by Date: Re: [Wireshark-users] wireshark ssl decryption for dummies
Previous by thread: Re: [Wireshark-users] wireshark ssl decryption for dummies
Next by thread: Re: [Wireshark-users] wireshark ssl decryption for dummies
Index(es):
- Date
- Thread