Wireshark-dev: Re: [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating
From: Sake Blok <[email protected]>
Date: Fri, 8 Feb 2008 09:49:47 +0100
On Thu, Feb 07, 2008 at 11:40:12PM -0600, DePriest, Jason R. wrote:
> 
> Has anyone had experience with Blue Coat's in general for this sort of
> thing?  I can see the keyring that Blue Coat is configured to use and
> the encrypted form of *a* key.  Even after putting it in a file and
> converting it using openssl command-line tools into a form that
> Wireshark should read, I get errors.

Is this proxy a transparent proxy (client opens connection to
the ip address of the website, but is redirected somehow to the
proxy) or a full proxy (client opens connection to the proxy
ip address).

In case it is a full proxy, have you tried using the following
in the ssl protocol settings?

<ip-of-proxy>,<proxy-port>,http,<keyfile>

Cheers,
    Sake