Wireshark · Wireshark-users: Re: [Wireshark-users] Using private key and cert to decrypt HTTPS traffice betwen iOS and the server

Wireshark-users: Re: [Wireshark-users] Using private key and cert to decrypt HTTPS traffice betwe

From: "Wall, Stephen" <stephen.wall@xxxxxxxxxx>

Date: Sun, 17 Dec 2023 16:32:50 +0000

Read this web page for a good summary on decrypting with wireshark.

https://www.packetsafari.com/blog/2022/10/07/wireshark-decryption/

Basically, if the captured pcap file uses RSA handshake, you can decrypt it. If is uses ephemeral Diffie-Hellman, you can’t, you need to have also captured the ephemeral keys via a separate mechanism while the handshake is taking place. RSA is very uncommon these days as it’s considered less secure.

Follow-Ups:
- Re: [Wireshark-users] Using private key and cert to decrypt HTTPS traffice betwen iOS and the server
  - From: public1020

References:
- [Wireshark-users] Using private key and cert to decrypt HTTPS traffice betwen iOS and the server
  - From: public1020

Prev by Date: [Wireshark-users] Using private key and cert to decrypt HTTPS traffice betwen iOS and the server
Next by Date: Re: [Wireshark-users] Using private key and cert to decrypt HTTPS traffice betwen iOS and the server
Previous by thread: [Wireshark-users] Using private key and cert to decrypt HTTPS traffice betwen iOS and the server
Next by thread: Re: [Wireshark-users] Using private key and cert to decrypt HTTPS traffice betwen iOS and the server
Index(es):
- Date
- Thread