Wireshark · Wireshark-dev: Re: [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating proxy server

Wireshark-dev: Re: [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating

From: Sake Blok <sake@xxxxxxxxxx>

Date: Fri, 8 Feb 2008 09:49:47 +0100

On Thu, Feb 07, 2008 at 11:40:12PM -0600, DePriest, Jason R. wrote:
> 
> Has anyone had experience with Blue Coat's in general for this sort of
> thing?  I can see the keyring that Blue Coat is configured to use and
> the encrypted form of *a* key.  Even after putting it in a file and
> converting it using openssl command-line tools into a form that
> Wireshark should read, I get errors.

Is this proxy a transparent proxy (client opens connection to
the ip address of the website, but is redirected somehow to the
proxy) or a full proxy (client opens connection to the proxy
ip address).

In case it is a full proxy, have you tried using the following
in the ssl protocol settings?

<ip-of-proxy>,<proxy-port>,http,<keyfile>

Cheers,
    Sake

Follow-Ups:
- Re: [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating proxy server
  - From: DePriest, Jason R.
- Re: [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating proxy server
  - From: DePriest, Jason R.

References:
- [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating proxy server
  - From: DePriest, Jason R.

Prev by Date: [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating proxy server
Next by Date: Re: [Wireshark-dev] 0.99.7 SNMP v2 Config?
Previous by thread: [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating proxy server
Next by thread: Re: [Wireshark-dev] decrypting SSL traffic that goes through an SSL terminating proxy server
Index(es):
- Date
- Thread