Ask Your Question

Revision history [back]

decrypt saved capture with private key

I am using wireshark 64 bit. version 3.0.2. I am trying to decrypt an https capture file that is using port 8443 for https. I have the private key. I can't seem to get a straight answer on how this works despite multiple posts. First, there is no SSL so I have selected TLS in the Protocols section of Preferences. Just below that is RSA Keys. I assume that is where I put the location of the key file. (with .key extension) I also put in the following information in the TLS Decrypt under protocols: IP address: source IP listed in the capture Port: 8443 Protocol: http Key File: same private key located on desktop that I listed under RSA Keys. Clicked on OK, OK. but nothing happens. What did I miss?

decrypt saved capture with private key

I am using wireshark 64 bit. version 3.0.2. I am trying to decrypt an https capture file that is using port 8443 for https. I have the private key. I can't seem to get a straight answer on how this works despite multiple posts. First, there is no SSL so I have selected TLS in the Protocols section of Preferences. Just below that is RSA Keys. I assume that is where I put the location of the key file. (with .key extension) I also put in the following information in the TLS Decrypt under protocols: protocols:

IP address: source IP listed in the capture
Port: 8443
Protocol: http
Key File: same private key located on desktop that I listed under RSA Keys. Keys.

Clicked on OK, OK. but nothing happens. What did I miss? miss?