The packets are encrypted, so I'm using the Wireshark SSL to decode them. They have given me several files that they believe to be the SSL key. One file with a "cer" extension, one with a "pfx" extension. Then a third file, when I open it looks very much like the rsasnakeoil2.key that we used in WireShark University class. So I've tried all three with no success. Here is a screen shot of how I have it setup within WireShark. As you can see I renamed the file and added the key extension.
For some reason after installing the key it doesn't decode the encrypted detail within the packet. Someone also suggested that the key needs to be in a particular type or format. Doing a little more research, I've discovered that the trace file contains SSL TLS v1. I have read that SSL TLS V 2 and SSL TSL V 3 are support, but nothing about SSL TSL V1. Could this be the problem. cid:328553601@29112007-133C Ray Tompkins ANALYSIS SOLUTION www.analysissolution.com 832 643 5871
<<image001.png>>
_______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
