
mqtt ssl decrypt

Hello guys,

I am trying to decrypt all the MQTT traffic between my AWS broker and my device with Wireshark.

I was following this guide:

https://wiki.wireshark.org/SSL

I configured RSA keys list as:

"192.168.123.123","8883","mqtt","C:/Users/SPA20000001.key",""
"18.202.37.237","59424","mqtt","C:/Users/SPA20000001.key",""
"192.168.123.123","59689","mqtt","C:/Users/SPA20000001.key",""
"18.202.37.237","59424","mqtt","C:/Users/SPA20000001.key",""

192.168.123.123 is the IP of my device and 18.202.37.237 is the IP of the AWS broker. The protocol is mqtt, and I added the private key file of my device in PEM format, that is:

-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAxfdaN7BkkLjqQqBqbLQGVcw0FciYNWTV/ZRIh1Q/syM8RHn8
...
...
...
AqS6228/pd7Mq+yKICYZ2+T5IwcCtRmT4GpTAjbglk9xuQ0XVOf0IjsmHQ57VI+Q
CGd0G/TCxcvfDRV/iWvmOUn6R/sNxYG2KQ1PJioYYxpO7lvg8Ew4rg==
-----END RSA PRIVATE KEY-----

Then I save a pcapng and I can see the handshake with the cipher suite, Client Hello and HelloDone, and all the SSL traffic encrypted. I save the settings above and the traffic is still encrypted.

Do you know if I am doing something wrong? Does Wireshark allow decrypting MQTT traffic?

Thanks in advance.
