how to setup wireshark to decrypt TLS SIP

asked 2019-04-10 15:26:17 +0000 by pdennett

updated 2019-04-10 21:34:19 +0000 by grahamb

First time setting up Wireshark to decrypt TLS SIP messages.


Comments

You may or may not be able to decrypt TLS depending on what you have access to. What devices/interfaces are under your control and can you take packet captures on?

Ross Jacobs ( 2019-04-10 16:23:37 +0000 )

Have access to all devices/instruments along with their certs. In this particular case the call flow is from PC soft client --> call manager --> IP phone. However, for security reasons I will not be able to upload a Wireshark capture.

pdennett ( 2019-04-10 16:42:18 +0000 )

There is a Wiki page on SSL here; depending on the key exchange algorithm chosen, just having the certificate private keys may not be enough.

grahamb ( 2019-04-10 17:31:01 +0000 )

It also depends on whether this is TLS 1.2 or 1.3. You should be able to decrypt TLS 1.2 if you have access to the client or server (different methods for each). On TLS 1.3, it's possible to run into a confirmed bug.

Ross Jacobs ( 2019-04-10 20:52:12 +0000 )

I suspect that an IP Phone won't be running TLS 1.3 yet.

grahamb ( 2019-04-10 21:33:31 +0000 )

You are most likely right. Caveats for caveats' sake though.

Ross Jacobs ( 2019-04-11 14:22:57 +0000 )

Wireshark Version 3, TLSv1

  1. Edit > Preferences, RSA Keys, and added a new key file for the devices under test.
  2. Created the environment variable SSLKEYLOGFILE.
  3. Edit > Preferences, Protocols > TLS, and browsed to the file created in step 2 for the (Pre)-Master-Secret log filename.
  4. Edit > Preferences, Protocols > TLS, RSA keys list, and added the following in the table:

    IP address: 0.0.0.0  Port: 0  Protocol: left it blank  Key file: browsed to the file created in step 2

Started Wireshark capturing, launched the soft client, logged in with credentials, phone registered, then generated a call. Stopped Wireshark. SIP messages were displayed for the phone REGISTER along with SUBSCRIBE messages.

However, I did not see any SIP messages for the actual call.

Any help would be greatly appreciated.

pdennett ( 2019-04-15 16:16:04 +0000 )

Tried right-clicking on the premaster key within the TLSv1 handshake, then Decode As, without any luck.
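A check that ties grahamb's caveat about the key exchange algorithm to the two settings in the steps above (the RSA keys list versus the (Pre)-Master-Secret log file), as an added example that is not code from this thread: it parses a ServerHello and reports which of the two can actually decrypt the session. The cipher-suite ids are from the IANA registry, and the sample ServerHello bytes are constructed for the demonstration.

```python
import struct

# Small lookup of cipher-suite ids from the IANA registry (constructed, not exhaustive).
RSA_KX_SUITES = {0x002F, 0x0035, 0x009C, 0x009D}   # TLS_RSA_WITH_*: static RSA key exchange
PFS_SUITES = {0xC02F, 0xC030, 0x009E, 0x009F}      # TLS_ECDHE_RSA_* / TLS_DHE_RSA_*: forward secrecy

def parse_server_hello(record: bytes) -> dict:
    """Return the negotiated version and cipher suite from one TLS handshake
    record carrying a ServerHello. TLS 1.3 puts its real version in the
    supported_versions extension, so the extensions are scanned for it."""
    if record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    if body[0] != 0x02:
        raise ValueError("not a ServerHello")
    hs = body[4:4 + int.from_bytes(body[1:4], "big")]
    version = struct.unpack("!H", hs[0:2])[0]
    pos = 2 + 32                                   # skip the 32-byte server random
    pos += 1 + hs[pos]                             # skip the session id
    suite = struct.unpack("!H", hs[pos:pos + 2])[0]
    pos += 3                                       # cipher suite + compression method
    if pos + 2 <= len(hs):
        ext_end = pos + 2 + struct.unpack("!H", hs[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= ext_end:
            etype, elen = struct.unpack("!HH", hs[pos:pos + 4])
            pos += 4
            if etype == 0x002B:                    # supported_versions
                version = struct.unpack("!H", hs[pos:pos + 2])[0]
            pos += elen
    return {"version": version, "cipher_suite": suite}

def decrypt_requirement(version: int, cipher_suite: int) -> str:
    """'rsa_key' if the server's RSA private key alone can decrypt the session;
    'keylog' if a (Pre)-Master-Secret log (SSLKEYLOGFILE) is required."""
    if version >= 0x0304 or cipher_suite in PFS_SUITES:
        return "keylog"
    if cipher_suite in RSA_KX_SUITES:
        return "rsa_key"
    return "unknown"

def build_server_hello(version: int, suite: int, supported_version=None) -> bytes:
    """Constructed sample ServerHello record for testing (not a real capture)."""
    ext = struct.pack("!HHH", 0x002B, 2, supported_version) if supported_version is not None else b""
    hs = struct.pack("!H", version) + b"\x00" * 32 + b"\x00" + struct.pack("!HB", suite, 0)
    hs += struct.pack("!H", len(ext)) + ext
    body = b"\x02" + len(hs).to_bytes(3, "big") + hs
    return b"\x16\x03\x03" + struct.pack("!H", len(body)) + body
```

If the result is "keylog", the RSA keys list entry in step 4 cannot help and only the file from steps 2 and 3 will decrypt the SIP traffic.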

pdennett ( 2019-04-15 16:20:29 +0000 )