Wireshark-users: Re: [Wireshark-users] "Encrypted Alert" on ssl capture.
This webpage helped me Get to where I could see the Encrypted Alerts in
my SSL traffic.
http://www.novell.com/coolsolutions/appnote/19321.html
If you get to the Protocols --> SSL section and can't see the two
required textboxes, you'll need to compile Wireshark with gnutls. If
you're on a Mac, I'd suggest getting macports and getting the required
packages (gtk2, gnutls). Download the source code from the website.
Once you've got gtk2, and gnutls installed, run the ./configure command
with the --with-gnutls option, then "make", and then "sudo make
install". The next time you run wireshark, the SSL section of protocols
should have the boxes mentioned in the weblink I referenced. I just
went through this on a fresh install of Leopard so it should work for
you too.
As far as getting this on Windows or Linux, I'm not sure if it's
necessary as both of my installs on those OS's have already had the
added features for SSL.
fess wrote:
Hi, we have these failing SSL connections we were trying to debug,
the ones that fail have an
"Encrypted Alert" in them.
Am I correct in assuming that this is an alert in the SSL protocol
who's value I can't see because it's encrypted?
Should I expect to be able to decrypt it with wireshark if I have the
keys setup properly? I am able to decrypt
the ssl stream of the successful connections, but they don't have any
"Encrypted Alerts" so I don't know
what to expect there.
Thanks in advance for your help.
--fess
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-users
