
Wireshark-users: [Wireshark-users] Cannot decrypt SSL sample

From: Michel Labarre <michel.labarre@xxxxxxxx>
Date: Fri, 27 Mar 2009 15:50:18 +0100
Hi,
I am trying to decode an SSL flow with Wireshark, but no decryption occurs.
So I tried the sample supplied on the Wireshark SSL page (SampleCaptures/snakeoil2_070531.tgz).
I have downloaded the rsasnakeoil2.key into the /tmp directory
and set the SSL preferences RSA Keys list to 127.0.0.1,443,HTTP,/tmp/rsasnakeoil2.key and SSL debug file to /tmp/wiresharkSSL.txt

I get the same result: the flow is not decrypted.
In the trace file, I have no info on the private key load:


ssl_init keys string:
127.0.0.1,443,http,/tmp/snakeoil2.key
ssl_init found host entry 127.0.0.1,443,http,/tmp/snakeoil2.key
ssl_init addr '127.0.0.1' port '443' filename '/tmp/snakeoil2.key' password(only for p12 file) '(null)'
association_find: TCP port 993 found 0x1102ae0
ssl_association_remove removing TCP 993 - imap handle 0xac5e70
association_add TCP port 993 protocol imap handle 0xac5e70
association_find: TCP port 995 found 0x1102b50
ssl_association_remove removing TCP 995 - pop handle 0xbdca60
association_add TCP port 995 protocol pop handle 0xbdca60

dissect_ssl enter frame #4 (first time)
ssl_session_init: initializing ptr 0x2b9f11b34b58 size 648
association_find: TCP port 38713 found (nil)
packet_from_server: is from server - FALSE
dissect_ssl server 127.0.0.1:443
dissect_ssl can't find private key for this server! Try it again with universal port 0
dissect_ssl can't find private key for this server (universal port)! Try it again with universal address 0.0.0.0
dissect_ssl can't find any private key!
 conversation = 0x2b9f11b34880, ssl_session = 0x2b9f11b34b58
client random len: 16 padded to 32

Can you help me?

Thank you very much

Michel
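
Added example, not part of the original post and not Wireshark code: a small Python triage script for an SSL debug file like the one quoted above. It lists the key entries the debug file records, the servers for which the dissector reported no private key, and whether the key file named in the matching entry exists on disk. The function names and the embedded sample (lines copied from the post) are assumptions made for illustration.

```python
import os
import re

# Constructed sample: lines copied from the debug output quoted in the post above.
SAMPLE_LOG = """\
ssl_init found host entry 127.0.0.1,443,http,/tmp/snakeoil2.key
ssl_init addr '127.0.0.1' port '443' filename '/tmp/snakeoil2.key' password(only for p12 file) '(null)'
dissect_ssl enter frame #4 (first time)
packet_from_server: is from server - FALSE
dissect_ssl server 127.0.0.1:443
dissect_ssl can't find private key for this server! Try it again with universal port 0
dissect_ssl can't find private key for this server (universal port)! Try it again with universal address 0.0.0.0
dissect_ssl can't find any private key!
"""

ENTRY_RE = re.compile(r"^ssl_init addr '([^']*)' port '(\d+)' filename '([^']*)'")
SERVER_RE = re.compile(r"^dissect_ssl server (\S+):(\d+)$")
NO_KEY = "dissect_ssl can't find any private key!"

def parse_debug_log(text):
    """Return (configured key entries, servers for which no key was found)."""
    entries, failed, current = [], [], None
    for line in text.splitlines():
        line = line.strip()
        if m := ENTRY_RE.match(line):
            entries.append((m.group(1), int(m.group(2)), m.group(3)))
        elif m := SERVER_RE.match(line):
            current = (m.group(1), int(m.group(2)))
        elif line == NO_KEY and current and current not in failed:
            failed.append(current)
    return entries, failed

def diagnose(text, exists=os.path.isfile):
    """For each failed server, report the matching entry and whether its key file exists."""
    entries, failed = parse_debug_log(text)
    report = []
    for addr, port in failed:
        matches = [e for e in entries if e[0] == addr and e[1] == port]
        if not matches:
            report.append((addr, port, None, "no RSA keys list entry for this address/port"))
        for _, _, path in matches:
            state = "key file exists on disk" if exists(path) else "key file not found on disk"
            report.append((addr, port, path, state))
    return report

if __name__ == "__main__":
    for row in diagnose(SAMPLE_LOG):
        print(row)
```

Run against a real debug file with `diagnose(open(path).read())`; the filename it reports is the one recorded in the debug file, which is worth comparing with the file actually saved on disk.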