Wireshark-users: Re: [Wireshark-users] SSL decode "can't decrypt pre master secret"
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Clinton James <cjames@xxxxxxxxxxx>
Date: Thu, 19 Nov 2009 07:23:37 -0600
Sake Blok wrote:
> On Wed, Nov 18, 2009 at 12:49:03PM -0600, Clinton James wrote:
>> Sake Blok wrote:
>>> On Tue, Nov 17, 2009 at 07:50:11AM -0600, Clinton James wrote:
>>>> I can't seem to decrypt an exchange.  Google doesn't seem to give me
>>>> much either.  I hoping someone can point me in the right direction.
>>>> My client app is contacting the server WWW.XXX.YYY.ZZZ via https.
>>>> [...]
>>>> ce 7a 51 81 ff b6 d7 79 eb 8c 2c d5 5e 38 63 f8
>>>> ssl_decrypt_pre_master_secret wrong pre_master_secret length (128,
>>>> expected 48)
>>>> dissect_ssl3_handshake can't decrypt pre master secret
>>> Are you sure the private key is the right one for the certificate
>>> offered by site WWW.XXX.YYY.ZZZ?
>> It is the same key I am using to establish the SSL connection to the
>> server.  By a google search, I saw someone else say that transposing the
>> IP in the SSL preference helped.  I have tried both and can't get it to
>> decode.
> 
> Ah... there is your problem. You need the *server* key, not the *client*
> key, as it is not used for generating the session keys.

So there is no way to decode an SSL session from the client side?