2021-06-25 08:18:49 +0000 | received badge | ● Famous Question (source) |
2020-02-09 21:38:49 +0000 | received badge | ● Notable Question (source) |
2020-02-09 21:38:49 +0000 | received badge | ● Popular Question (source) |
2019-05-31 14:19:38 +0000 | marked best answer | decrypt https sessions Hi it folks. I try to find an answer to my question in the knowledgebase without success... so here I am. Is it possible to to decrypt https traffic with an private key (not via SSLKEYLOGFILE) ? My Lab contains a apache webserver on linux (of course) and a self signed certificate, generated like this: openssl req -new -newkey rsa:2048 -nodes -days 365 -x509 -subj '/CN=test.local' -keyout test.key -out test.crt I capture the traffic on this webserver with : tcpdump -w https.pcap "port 443" In the wireshark (v2.6.8) settings->protocols->ssl-> I enter : IP Adress, Port: 443, Protocol: http, Key File: path to test.key Then I open the capture File and I expect the https / tls traffic to be decrypted... Unfortunately it doesn't work this way - I tried it several times. Any Ideas / Help? Thank you |
2019-05-31 14:19:38 +0000 | received badge | ● Scholar (source) |
2019-05-31 12:41:39 +0000 | commented answer | decrypt https sessions Wow great it works - thank you! In nginx I added these two lines: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'AES |
2019-05-31 12:40:13 +0000 | received badge | ● Rapid Responder (source) |
2019-05-31 12:40:13 +0000 | answered a question | decrypt https sessions Wow great it works - thank you! In nginx I added these two lines: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_cip |
2019-05-31 08:23:23 +0000 | asked a question | decrypt https sessions decrypt https sessions Hi it folks. I try to find an answer to my question in the knowledgebase without success... so h |