Hi,
I would like to run tshark to capture encrupted ssl messages so I can read off of standard out and decrypt it using our certificate. But when I run a command like this.
C:\Program Files\Wireshark>tshark -i 2 -R ssl.app_data -T text -V -l -d tcp.port==8443,ssl
The application data dump looks like this
Secure Socket Layer
SSLv3 Record Layer: Application Data Protocol: Application Data
Content Type: Application Data (23)
Version: SSL 3.0 (0x0300)
Length: 5631
Encrypted Application Data: D25EFAFBA41786F64DA3B304F8603FEDFCA31C1AA2BA
6E65...
It looks like its truncating the data. How can I get it to dump all of the encrypted data to standard out and not truncate it.
Thanks
Al
