How to Use wireshark to view ssl content and wireshark to view ssl

Source: Internet
Author: User

How to Use wireshark to view ssl content and wireshark to view ssl

1. To view the ssl content, you need to obtain the server rsa key of the server.

2. Open wireshark and find the following path: Edit-> Preferences-> protocols-> SSL

Then click RSA Keys List: Edit,

Create a New RSA key on the New RSA editing interface

Where

IP address is the IP address of the server.

Port is generally 443

Protocol is generally set to http

You can select the rsa key on your server as the key file. This RSA Key must be a decrypted (RSA) key in PKCS #8 PEM format

Password is generally not entered. If the key file requires a password, you can enter it here.


3. Because wireshark versions earlier than or 1.10 do not support session ticket, session ticket is required if the ssl configured on the server is TLS v1. This is to upgrade wireshark to 1.12 or above.

For ubuntu 14.04, run the following command to upgrade

sudo apt-add-repository 'deb http://ppa.launchpad.net/wireshark-dev/stable/ubuntu trusty main'sudo apt-get update<pre name="code" class="plain"><span style="font-family: Arial, Helvetica, sans-serif;">sudo apt-get upgrade</span>
Sudo apt-get upgrade wiresharksudo apt-get install wireshark

 

In this case, you can decrypt https in wireshark to view the http content.

4. Notes

1. SometimesDiffie-HellmanYou can try the following CipherSuite.

SSLCipherSuite RC4-SHA


2. Sometimes the session cache will be affected. You can modify the SSLSessionCache In the mod-available/ssl. conf file as follows:

SSLSessionCache none#SSLSessionCacheTimeout  300
 

3. restart the apache using

sudo service apache2 restart



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.