Wireshark-users: [Wireshark-users] RE : Export as PDML bug corrected in the nightlies, but ...
From: "Olivier LENORMAND" <Olivier.Lenormand@xxxxxxxxxxx>
Date: Wed, 4 Oct 2006 12:30:57 +0200
Hi everyone,

Quick description:
I capture and analyse all packets exchanged between my browser and two
SSL Web servers.
I have access to the servers decryption keys.
But I can't decrypt one of the servers' returning packets.

After more deep researches, I think I know why one of my servers
returning SSL data are decrypted, but those from my other are not.
It appears that I need a user certificate to access one of the servers.
And though I gave WS access to both servers decryption keys, I never
gave WS my user certificate.
That's why packets (GET and POST) from my browser to both servers are
always decrypted (afaik, this decryption doesn't need my certificate).
For the server that doesn't require a user certificate, WS only need the
server decryption key to unscramble the incoming packets, and it works.
Unfortunately, for the server that requires my client certificate, WS
not having it finds himself unable to unscramble the packets from this
server. 
Is it clear? :)
So, as a conclusion, after searching WS manual I failed to find how to
provide WS with my user certificate.
The good news would be either "I did not seach the right place" or "I
misunderstood the whole thing and the solution is obvious".
The bad news would be "WS understanding a client certificate is a
feature still in the TODO list".

I hope I made myself undertandable :)

Can anyone either tell me where I'm wrong or give me the trick?
Thanks in advance, Olivier.