Hi Steve
That was the problem! Openssl s_server uses TCP port 4433 by default.
Once I did the right-click and Decode as SSL, decoding occurred. I was
even able to decode a file created with tcpdump that contained SSL
traffic.
Thanks very much for the help!
tl
>What port is the exchange going over? Wireshark only expects SSL over
>certain ports by default: 443 (http), 636 (ldap), 993 (imap), 995
>(pop3). You can force your traffic to be recognized as SSL by right
>clicking on one of the packets in the packet list and choosing "Decode
>As" and picking SSL from the list.
>
>
>Steve