https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4544
--- Comment #5 from Sake <sake@xxxxxxxxxx> 2010-05-20 10:55:27 PDT ---
(In reply to comment #4)
> (In reply to comment #3)
> > Are you able to share "alpha_mail.pem" or is that a private key used in a
> > production environment?
>
> It is used in production environment at a universally-accessible server. I'll
> reproduce the situation in a test environment.
I understand. I decrypted a tracefile with SMTP and starttls and I was able to
see the decrypted "Finished" handshake message in both directions. There was no
application data in my trace, but I assume that if decryption works for the
last stage of the SSL handshake, it will also work for the application data.
Prior to spending time to reproduce this in a test environment, could you use
tshark to decrypt the file that you attached? You can use
tshark -V -r smtp-starttls.pcap -o
ssl.keys_list:78.107.153.188,start_tls,smtp,d:\Ivan\alpha_mail.pem -o
ssl.debug_file:d:\Ivan\ssl-debug.log > d:\Ivan\smtp-starttls.txt
Could you then attach the files d:\Ivan\ssl-debug.log and
d:\Ivan\smtp-starttls.txt to this bug-report?
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.