Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Strange SSL decode issue (SUPL, ULP)

From: "Ralf G. R. Bergs" <Ralf+WireShark () bergs biz>
Date: Tue, 28 Apr 2015 18:26:01 +0200
Hi Sake.

On 2015-04-28 13:04 , Sake Blok wrote:

You can make sure decryption works in three ways:

- Limit the cipher suites on the client, so that it only advertises
non-DH ciphersuites

No chance for that. The client (SUPL agent) is preembedded on millions
of terminals already in the market.

- Limit the cipher suites on the server, so that it only chooses
non-DH ciphersuites (from the ciphersuites advertised by the client)

Technically I could do that I suppose, but I'm not sure about the
implications.

- Make the client or the server log the PreMaster data and point
Wireshark to the key log file in the "(Pre-)MasterSecret logfile" SSL
protocol preference.

As mentioned earlier the only place where I could practically do it is
on the SUPL server. I guess I need to find out from the vendor whether
it's possible.

Hope this helps,

Yes, it helped very much. Sometimes you don't see the obvious. Thanks a
bunch!

Kind regards,

Ralf


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: