Hi Kenneth,
   
      Thanks for the follow-up note and additional pointers.  The point is that 
there is only one relevant private key in all of these transactions (the 
Server1 web-server private key).  Also, even though there is communication 
between two servers, in reality one of the servers (i.e. Server2) is acting as 
an HTTPS client to the other (i.e. the web server on Server1).
   
       Our fundamental question is:  Can we depend on 'tshark' to perform the 
SSL decryption given our series of steps or is that something too much to 
expect?
   
       Best regards,
   
  Vijay
  

Kenneth Hunt <[EMAIL PROTECTED]> wrote:
  
Verify that your private keys are valid on all tiers... isolate the 
transaction: 
4. Server1 -> Server2 (response to request in Step 3). 

Capture just this traffic -- without examining your capture in detail I am 
assuming that the keys are either not valid on server2, or that you are missing 
the server to server handshake. The only commercial program I have experience 
with is OPNET ITguru and it uses wireshark as its backend so this is all the 
same area. 

If you are missing the server to server handshake you may need to force the 
handshake to reoccur, is this a production server? 
There is more info on the handshake process here: 
http://docs.sun.com/source/816-6704-10/ssl_overview.html#13602 

I am reading your description of the steps as this is inter server 
communication, is that what happens or is this still going back to the client? 

You might want to find a copy of Wireshark & Ethereal Network Protocol Analyzer 
Toolkit: 
I see amazon has 5 copies in stock right now. 
http://www.amazon.com/exec/obidos/ASIN/1597490733/techobserver-20 


Kenneth   

  
    
_______________________________________________
Wireshark-users mailing list
Wireshark-users@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-users


         