Wireshark crawls HTTPS encrypted messages and decrypts

First you have to have a certificate, and this certificate needs to be in. Pem format.

Window's certificate management is a. pfx file. This format is also available on the official website, but I have tried n times and I have not succeeded.

Finally, you can only convert. pfx to. Pem format.

My Wireshark version is the 1.4.4,winpcap version is 4.1.2.

First, or convert. pfx to. PEM Bar

1. Download OpenSSL.

2. Export the certificate, here I export to d:/test.pfx

3.pfx Convert to Pem

The syntax is:

Openssl.exe pkcs12-in <drive:/path/to/cert>.pfx-nodes-out <drive:/path/to/new/cert>.pem

That's how I switched: OpenSSL pkcs12-in d:/test.pfx-nodes-out D:/test.pem

Then open Test.pem, delete to only left

-----BEGIN RSA PRIVATE KEY-----miicwwibaakbgqdhqq0hlf+ydrqtjayzpdjvrv859v+hrayjw3ckpea2eqskiryg Fsg9unjb3bpcadzknldn4/mkuktpiz+rrcbwo3o8l9hfgxghhvqwbem+8yf9teqe Wpwxibf1zns2ecxnni6bwlkmttkuzlgvdrezhgn7otrr4ba7hyj+qn6ddqidaqab aogaw6kxcpvekqh07gdum3r1kk63p111vkxn/ Or1xg3gslgzwu1dmxq49eeqr2rk Rretgp5refqb8mzecnonqfzxtkvxnxw+wupjxt7m+jmidrgltyjegh+bkgdmnsav rS+ qqglgsqelxhryvfcqro0niv6ofytmi7xtpfmemygavaecqqd6nrv4wlykszz/ Ecizuii8zwthbtaxjmfc3q7cxcagsoet0fohzwveu70pzurjt2znptghgh7wutey 6epuy98bakeazeckslwke3fmyp31m/ Aoatcqe1o3vrrgn2uafapvadz3mezhgud/bvtj7yevnxavabbwtvllojl+f7mbfemydqjaigggygml5ht3q3rxlaqiep5vnwug GGjKgmR/ DORFU/DBMCAISFZWW5LE5S0ZIPAFGNYR/SK/TH4UKRHYR5JYAQJAN5TF ab7sw44l7js1fgagfcoqfjjfe/ q3buzqpikoipbkoatex2zfe6b0cvripgm00i8p hzlafxwebxdncu8twqjafrsyocetqcpsjdvflei567uzgeoz1dlamh9s2w1xtb3u geq15ybhenqm7ppc+pu4judvhsicgf7ku37blmqv1w==-----END RSA PRIVATE KEY-----

Save.

Then set it in the Edit-->prefferenct-->protocols-->ssl of Wireshark.

As shown in figure:

Then grab the packet will find TlsV1 protocol package, right-follow SSL stream is OK.