Wireshark mailing list archives
Re: SSL Decoding fails on Linux, works on Windows 7 64-bit
From: Bas Nedermeijer <baswire () tcfaa nl>
Date: Mon, 20 Aug 2012 21:49:32 +0200
On Monday 20 August 2012 21:21:42 Sake Blok wrote:
On 20 aug 2012, at 21:05, Bas Nedermeijer wrote:The ssl.debug file (partial) of the Linux version (which fails). Some filenames have been altered. But the KeyID shows it is the same private key. [...] ssl_decrypt_pre_master_secret wrong pre_master_secret length (87, expected 48) dissect_ssl3_handshake can't decrypt pre master secretAre you sure the configured key matches the certificate in the tracefile? Every time I have encountered the above messages, I was using a key that did not match the certificate
I am pretty sure, the keyid in the logfiles is the same. And the (captured) data is captured on the windows machine, and loaded on the linux machine. So those are also the same. The only thing I had to convert was the pfx file, the linux wireshark did not want to load it. So I had to extract the private key, and remove the password from the key. (I do not give the certificate to wireshark on linux).
I hope this is enough information. I cannot share the actual captured data and key. But if needed I think I can reproduce the problem with a self-signed key (and dummy session).If you do have a matching certificate and key and you still get this message, please reproduce the issue with files that you can share :-)
I'll try to find a IIS machine I can use (need to load a self-signed key). Regards, Groeten, Bas Nedermeijer
Cheers, Groeten, Sake ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- SSL Decoding fails on Linux, works on Windows 7 64-bit Bas Nedermeijer (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Sake Blok (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Bas Nedermeijer (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Sake Blok (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Bas Nedermeijer (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Sake Blok (Aug 21)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Bas Nedermeijer (Aug 20)
- Re: SSL Decoding fails on Linux, works on Windows 7 64-bit Sake Blok (Aug 20)