Hi all,
My company is using the Microsoft C++ standard
implementation of TLS, i.e. plugging in the module, to handle SSL connections.
When I use Wireshark to capture data, it does not detect the
SSL packets. However, when I read the raw data in the TCP packet,
I can see the TLS headers in the first bytes of the data
payload. Furthermore, there seems to be an exchange of certificates.
When I connect to an SSL-enabled site over a web browser, I
can scope TLS packets. I would like to see the same thing appear
when I scope packets from my program. My first question
is: how does Wireshark determine whether a packet is an SSL packet?
Unfortunately, I am new at this company and I did not write
the code; however, I know that our implementation uses secur32.dll.
Does anyone know if there are any compatibility issues using
this dll?
I have been looking through the Wireshark code base and developer
documents to determine the answer to these questions and I
would appreciate any insight into this problem.
Thanks,
Justin Seto