How to decrypt the "SSL" or "TLS" traffic in wireshark?

asked 2020-06-03 17:47:24 +0000

akhilesh
1 ●1 ●1 ●2

I want to decrypt the "ssl" (or) "TLS" trafic for the certain application ? Is there any possible methods to decrypt(unencrypted) the "Ssl" or "Tls" traffic in wireshark ? or there is any other method to decrypt the ssl traffic outside the wireshark and generate it as a pcap file.. can anyone tell the procedure to decrypt the Ssl (or)Tls traffic in different methods or ways .....

edit retag flag offensive close merge delete

add a comment

1 Answer

Sort by » oldest newest most voted

answered 2020-06-03 21:19:12 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23790 ●4 ●950 ●227 https://www.wireshark.org

Maybe the wiki page on TLS would help you?

You need an amount of "keying material" to decrypt and depending on the ciphers in use that keying material must be generated from either the client or server at the time of the original communication.

edit flag offensive delete link

Comments

can you explain it briefly? need to import the ssl keylog while time of capture

akhilesh ( 2020-06-04 05:17:59 +0000 )edit

I can't explain it any better than it is on the wiki page, the section on Decryption describes the requirements.

grahamb ( 2020-06-04 07:25:13 +0000 )edit

Thank you very much

akhilesh ( 2020-06-04 08:57:06 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2020-06-03 17:47:24 +0000

Seen: 2,219 times

Last updated: Jun 03 '20

How to decrypt the "SSL" or "TLS" traffic in wireshark? edit