Wireshark mailing list archives
Re: SSL Decoding fails on Linux, works on Windows 7 64-bit
From: Sake Blok <sake () euronet nl>
Date: Mon, 20 Aug 2012 22:10:11 +0200
On 20 aug 2012, at 21:49, Bas Nedermeijer wrote:
On Monday 20 August 2012 21:21:42 Sake Blok wrote:On 20 aug 2012, at 21:05, Bas Nedermeijer wrote:The ssl.debug file (partial) of the Linux version (which fails). Some filenames have been altered. But the KeyID shows it is the same private key. [...] ssl_decrypt_pre_master_secret wrong pre_master_secret length (87, expected 48) dissect_ssl3_handshake can't decrypt pre master secretAre you sure the configured key matches the certificate in the tracefile? Every time I have encountered the above messages, I was using a key that did not match the certificateI am pretty sure, the keyid in the logfiles is the same. And the (captured) data is captured on the windows machine, and loaded on the linux machine. So those are also the same. The only thing I had to convert was the pfx file, the linux wireshark did not want to load it. So I had to extract the private key, and remove the password from the key. (I do not give the certificate to wireshark on linux).
Hmm... strange... A while ago someone did have problems with one version of the GnuTLS library, but I'm not sure what the symptoms were in the ssl-debug file. Are you able to upgrade your SSL libraries? Could you also post the ssl-debug from from the Windows box up till the line "dissect_ssl enter frame #55 (first time)"?
I hope this is enough information. I cannot share the actual captured data and key. But if needed I think I can reproduce the problem with a self-signed key (and dummy session).If you do have a matching certificate and key and you still get this message, please reproduce the issue with files that you can share :-)I'll try to find a IIS machine I can use (need to load a self-signed key).
OK Cheers, Sake ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- SSL Decoding fails on Linux, works on Windows 7 64-bit Bas Nedermeijer (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Sake Blok (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Bas Nedermeijer (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Sake Blok (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Bas Nedermeijer (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Sake Blok (Aug 21)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Bas Nedermeijer (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Sake Blok (Aug 20)