[Shaanan Cohney <shaananc@xxxxxxxxxxx>]

Thanks so much Pascal,

After an hour of sorting out some compilation issues it's all working well and I see the certs.

Grateful that the patch came in recently!

Best,

Shaanan

---

From: pascal.quantin@xxxxxxxxx
Date: Mon, 17 Nov 2014 07:20:49 +0100
To: wireshark-users@xxxxxxxxxxxxx
Subject: Re: [Wireshark-users] Extracting SSL Certs using Tshark

2014-11-17 7:12 GMT+01:00 Shaanan Cohney <shaananc@xxxxxxxxxxx>:

Hi,

I was wondering if it is possible/how one extracts SSL certs from Server Certificate messages using only tshark. 

I see in the display filter page for SSL both ssl.handshake.certificate and ssl.handshake.certificates but neither seem to extract the necessary bytes on my pcaps.

Thanks!

Hi Shaanan,

this capability was added to tshark only very recently (November the 5th) , and in master branch. So you will need to download a nightly build of Wireshark 1.99.1 here: https://www.wireshark.org/download/automated/

Regards,
Pascal.

___________________________________________________________________________ Sent via: Wireshark-users mailing list Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe