Wireshark-users: Re: [Wireshark-users] How to decode non-standard SSL traffic

From: "Kukosa, Tomas" <tomas.kukosa@xxxxxxxxxxx>
Date: Tue, 23 Jan 2007 08:00:55 +0100
Hi, 

try to enable SSL debug output (with setting debug file in SSL
preferences).
Either you will see in the file what goes wrong or you can send it here.

BTW if it is possible skip to version 0.99.5pre2 which contains a little
bit better debug SSL output.

Tomas


Mailcode: NdD2sKHg
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of
lemons_terry@xxxxxxx
Sent: Monday, January 22, 2007 10:14 PM
To: wireshark-users@xxxxxxxxxxxxx
Subject: Re: [Wireshark-users] How to decode non-standard SSL traffic

Hi

The use of 'data' _may_ work, but I think I have a problem with the 'RSA
keys list' string.  I'm testing with OpenSSL.  I've tried both a
self-signed SSL certificate via:

	openssl req -new -x509 -nodes -out server.crt -keyout server.key

and a 'real' SSL certificate:
	openssl genrsa -des3 -out server.key 1024
	openssl req -new -x509 -nodes -sha1 -days 365 -key server.key
-out server.crt

When I use a 'RSA keys list' value of:

192.168.11.104,4433,data,/tmp/server.key

no decoding of the application data occurs.  Any thoughts about what I
could be doing wrong?

Thanks!
tl

>See if specifying the "data" protocol works.
>
>
>Steve
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users