Hi all,

I am trying to decrypt HTTPS traffic using an exported certificate from a W2003 
Server using the MMC "certmgr" "snapin".

I have the following export options :-

DER encoded X509 (.CER)
Base-64 X509 (.CER)
PKCS7 (.P7B)

I would have preferred exporting as PKCS12, as I have been able to successfully 
convert this to a PEM file for Wireshark a number of times. However, this 
option was greyed-out and not available for this certificate.

I have tried instead exporting the DER file and using OpenSSL to convert the 
file to a PEM file for Wireshark:-

"openssl x509 -inform der -in cert.cer -outform pem -out cert.pem"

This creates a resulting PEM file ok.

However, when I set up Wireshark to use it, HTTPS traffic from the specified 
server is not being decrypted. When I set up SSL logging in Wireshark, I can see 
"can't import pem data" & "can't find private key for this server" errors.

When I look at a LAN trace I can see that the Server "hello" sends two 
certificates to the client (!!??) & that neither has a "serial number" which 
matches that shown in "certmgr". However the certificate I exported does appear 
to be the correct one, with the name shown in the LAN Trace.

Does anyone know what I am doing wrong & can help me get this working?

I have relevant files available for information and (hopefully) your perusal 
;-) if requested.....

Thanks for any help...

_______________________________________________
Wireshark-users mailing list
Wireshark-users@wireshark.org
http://www.wireshark.org/mailman/listinfo/wireshark-users
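
Added example, not part of the original post: a Python check for what the "can't find private key for this server" message points at, namely whether a PEM file actually carries a private-key block. A .CER or .P7B export holds certificates only, so converting it to PEM yields just a CERTIFICATE block. The function names and the sample PEM blocks are constructed for illustration.

```python
import base64
import re

PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.S)
KEY_LABELS = {"PRIVATE KEY", "RSA PRIVATE KEY"}   # unencrypted PKCS#8 / PKCS#1

def der_sequence_ok(der):
    """True if der is exactly one ASN.1 SEQUENCE whose length field matches."""
    if len(der) < 2 or der[0] != 0x30:
        return False
    first = der[1]
    if first < 0x80:                       # short-form length
        return len(der) == 2 + first
    n = first & 0x7F                       # long form: next n bytes hold the length
    if n == 0 or len(der) < 2 + n:
        return False
    return len(der) == 2 + n + int.from_bytes(der[2:2 + n], "big")

def inspect_pem(text):
    """Return (label, der_ok) for every PEM block found in text."""
    found = []
    for label, body in PEM_BLOCK.findall(text):
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:                 # bad base64, or headers inside the block
            der = b""
        found.append((label, der_sequence_ok(der)))
    return found

def usable_as_key_file(text):
    """A key file for decryption must carry a well-formed private-key block."""
    return any(label in KEY_LABELS and ok for label, ok in inspect_pem(text))

def make_pem(label, payload_len):
    # Constructed stand-in: a DER SEQUENCE of zero bytes, not a real cert or key.
    der = b"\x30\x82" + payload_len.to_bytes(2, "big") + bytes(payload_len)
    b64 = base64.encodebytes(der).decode()
    return f"-----BEGIN {label}-----\n{b64}-----END {label}-----\n"

CERT_ONLY = make_pem("CERTIFICATE", 300)                 # like a converted .CER
CERT_AND_KEY = CERT_ONLY + make_pem("RSA PRIVATE KEY", 600)

if __name__ == "__main__":
    for name, pem in (("cert only", CERT_ONLY), ("cert + key", CERT_AND_KEY)):
        print(name, inspect_pem(pem), "usable:", usable_as_key_file(pem))
```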
