ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online

Wireshark-users: Re: [Wireshark-users] 256 pre master encrypted key

Date: Thu, 11 Mar 2010 10:24:25 -0500
Thanks Sake,

I've watch you presentation and it was very interesting but in my
situation I have a signer certificate (which is shown in the server hello
packet with a common name of TEST) which is stored in my computer and
issued by the server and only personal certificate (common name=HOD) with
private keys stored in my computer.

I extracted the private keys from the personal certificate and it seemed
it didn't match.

I am managing certificates with IBM ikeyman I think it's a bit confusing
to me !!!


> On 11 mrt 2010, at 11:11, junk@xxxxxxxxx wrote:
>>> On 11 mrt 2010, at 10:42, junk@xxxxxxxxx wrote:
>>>> ssl_decrypt_pre_master_secret wrong pre_master_secret length (128,
>>>> expected 48)
>>> This usually means that the private key provided to Wireshark does not
>>> match the public key that was present in the certificate that was sent
>>> by
>>> the server.
>> I have the certificate with me but I can't extract the private RSA key
>> from it. It's a signer certificate in DER binary format but it doesn't
>> have a RSA key.
> The private key is *never* in the certificate, it's the counterpart of a
> certificate. The signers certificate should contain a public key. This
> public key can be used to verify the signature in the certificate which
> was signed by the signers certificate. As it was signed by the private key
> that matches the public key in the signers certificate.
> You might want to take a look at the "SSL troubleshooting" presentation I
> gave at Sharkfest last year, it should clear things up a bit :-)
> Powerpoint:
> Video:
> Cheers,
> Sake
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives:
> Unsubscribe:
>              mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe