Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

decrypt https sessions

Hi it folks.

I try to find an answer to my question in the knowledgebase without success... so here I am. Is it possible to to decrypt https traffic with an private key (not via SSLKEYLOGFILE) ?

My Lab contains a apache webserver on linux (of course) and a self signed certificate, generated like this: openssl req -new -newkey rsa:2048 -nodes -days 365 -x509 -subj '/CN=test.local' -keyout test.key -out test.crt I capture the traffic on this webserver with : tcpdump -w https.pcap "port 443"

In the wireshark (v2.6.8) settings->protocols->ssl-> I enter : IP Adress, Port: 443, Protocol: http, Key File: path to test.key

Then I open the capture File and I expect the https / tls traffic to be decrypted... Unfortunately it doesn't work this way - I tried it several times.

Any Ideas / Help? Thank you