Hi Martin,
When client was connected directly to a SSL web server (i.e.server's IP : 1.2.3.4), with the key, I could see the http traffic.
When the client went via its proxy (i.e: 5.6.7.8) to the same SSL web server, I couldn't see the packets's content using the same key. I did try to change the source IP in wireshark/tshark set up to the proxy's IP, but couldn't see either. So there should be some kind of encryption or tunnel between client and its proxy, am I wrong?
Do you happen to know any document or web site discussing about proxy's operations.
Regards,
PV
From: Martin Visser <martinvisser99@xxxxxxxxx>
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Sent: Sun, January 30, 2011 1:42:19 AM
Subject: Re: [Wireshark-users] tcp.time_delta column with tshark
If you capture traffic on your network on or in the path between the
client and proxy, you will see see the HTTP proxy traffic. HTTP
traffic direct to the web-server or via a proxy are fundamentally the
same - the proxy just has to handle the edge conditions a little
differently.
Regards, Martin
MartinVisser99@xxxxxxxxxOn 30 January 2011 15:26, vincent paul <
amoteluro@xxxxxxxxx> wrote:
> Thank you Sake and J.Snelders for your quick and precious help.
>
> Best Regards,
> PV
>
> NOTE: Any idea how to see the packets' content between client and its proxy
> (not web server)
>
> ________________________________
>