Error while decrypting https traffic in Wireshark
I think wireshark doesn't have a way to ask you for a password when setting the filepath of your private key, therefore encrypted private keys are not supported. You could try to decrypt the key beforehand:
openssl rsa -in jetty_server.key -out jetty_server.key.unencrypted
Then set "jetty_server.key.unencrypted" as your private key in wireshark preferences like you did with the encrypted one.
ps: glad it worked :)
Related videos on Youtube
08 : 41
31 : 14
11 : 28
15 : 49
01 : 45
Srikanth
Updated on September 17, 2022Comments
-
Srikanth over 1 year
I configured Jetty with a self-generated private key and cert after a long struggle. Now, I'm having trouble decrypting the HTTPS traffic from the Jetty server that I captured for inspection.
The following is the error from Wireshark's SSL log (file and host names are masked):
ssl_init keys string: <host>,8443,data,C:\path\to\file.pem ssl_init found host entry <host>,8443,data,C:\path\to\file.pem ssl_init addr '<host>' port '8443' filename 'C:\path\to\file.pem' password(only for p12 file) '(null)' ssl_load_key: can't import pem dataI'm not sure what's going wrong. Here are the headers of the key and crt files that are being used:
The .key file:
-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,159E7E1BB65239C8 ... <rest of private key> -----END RSA PRIVATE KEY-----The .crt file:
-----BEGIN CERTIFICATE----- ... <rest of crt key> -----END CERTIFICATE-----I tried by just loading the .key file into Wireshark; I also tried combining the .key and .crt files into a single .pem file into Wireshark, but with no success with both the attempts. My .key file has a password. Does that make any difference? What could I be doing wrong?
Thanks for your time!
-
Srikanth over 13 yearsThanks a lot! I just added an edit to the question mentioning about the .key having a password. You beat me to it. It works now.