Wireshark-users: Re: [Wireshark-users] certificates and HTTPS pdus

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: rouli <rouli.net@xxxxxxxxx>
Date: Tue, 5 Jul 2011 09:09:11 +0300
You can use a proxy server (such as Charles Proxy, Burp or Fiddler) and proxy the ssl traffic. Then, all you have to know is the proxy's private key, which can usually set by you. Here's some instructions I've found a few months ago on how to do this with Fiddler, but I must admit I haven't tried them yet:
http://security14.blogspot.com/2010/07/how-to-use-fiddler-and-wireshark-to.html

One thing to remember - using a proxy server may change your application behavior. For example, Firefox may only open up to six concurrent sockets (instead of tens) when using a proxy. Sometimes, however, that's your only option.


On Tue, Jul 5, 2011 at 4:19 AM, Andrej van der Zee <andrejvanderzee@xxxxxxxxx> wrote:
Thanks for your email.

> You need the private key from the server ('PEM' format private key or a
> PKCS#12 keystore.) as per http://wiki.wireshark.org/SSL

And I assume their is no way to obtain the server's private key
without contacting the server's system administrators and become
really good friends first ;)

Is there absolutely no way around this?

Cheers,
Andrej
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe