I am trying to use Wireshark to evaluate the security of my server, specifically the SSL section. I have seen some documentation which shows Wireshark decrypting the Encrypted Handshakes and Application Data from 2 conversations between client and server. I need to learn how to configure Wireshark to be able to do this. All the documentation I found on this subject has either indicated that I should already have this ability, or it is too confusing to figure out. I need something a little more step by step. I am hoping that this is reliant on some form of data that only the client or the administrator would have access to and not something that poses a real security risk, but I won't know until I learn more about it.
From what I have learned, I believe this is probably the most useful info for me to share about the problem.
In the example from my test between the web browser (which is currently Chrome) and my server:
At the point of Client Key Exchange, I am getting "Handshake Protocol: Encrypted Handshake Message", and not what the message is. http://wiki.wireshark.org/SSL/ shows Wireshark decrypting this. Same kind of thing for Application Data. I also have not found a pre-master secret variable yet.
I do have GnuTLS 2.8.5 and Gcrypt 1.4.5 already installed in Wireshark (1.2.10).
At the Client Hello stage, my browser is using TLSv1, so I do not have a challenge variable and no Public-key algorithm, as http://www.cs.ucy.ac.cy/courses/EPL375/tutorials/Tut10/Wireshark_SSL_Solution_July_22_2007.pdf states that I should be looking for. I have gathered that the Random variable is probably a replacement for the challenge.
At the Server Hello stage, my server had selected to use Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA. I don't know if this makes a difference.
Could someone please point me in the right direction?
HINT: Your server is suggesting/using