Hi All. I spent several hours trying to setup WireShark to decode outbound REST calls, but so far I have not been able to do so.
I have tried to assign the .PFX, .PEM, .KEY and created a KeyLog but the packets are still encrypted.
This is what I get in the debug log:
dissect_ssl enter frame #2062 (first time) packet_from_server: is from server - FALSE conversation = 000000CB5320F940, ssl_session = 000000CB53210750 record: offset = 0, reported_length_remaining = 309 dissect_ssl3_record: content_type 23 Application Data decrypt_ssl3_record: app_data len 304, ssl state 0x17 packet_from_server: is from server - FALSE decrypt_ssl3_record: using client decoder decrypt_ssl3_record: no decoder available
The traffic Flow is as follows:
1: HTTP POST request is created on the client with HTTP headers and a JSON payload. 2: Request is sent through tomcat to the HTTPS REST Endpoint
What I need to see is how the HTTP request is formatted to verify that the creation is correct. I'm using the latest WireShark 64bit version for Windows and running everything on a Windows 2012R2 server. The target endpoint is an external provider where the authentication is done with a base64 encoded credentials token.
Thank you in advance
with Regards Filip Poverud