How to read ocsp package content in wireshark
5,104
In order to activate OCSP decoding, I had to activate HTTP decoding
Edit -> Preferences -> Protocols -> HTTP -> TCP Ports: add 9080
Related videos on Youtube
10 : 38
Learn Wireshark in 10 minutes - Wireshark Tutorial for Beginners
43 : 52
How to read Wireshark Output
02 : 08
How to read ocsp package content in wireshark?
08 : 53
Reading PCAPs with Wireshark Statistics // Lesson 8 // Wireshark Tutorial
08 : 58
Mastering Wireshark How to export packet contents
Comments
-
srghma over 1 year
I have deployed basic ocsp server from
OpenSSl Cookbookby Ivan Ristic page 44 with following command:openssl ocsp -port 9080 -index db/index -rsigner root-ocsp.crt -rkey private/root-ocsp.key -CA root-ca.crt -textAnd I want to investigate ocsp request content to my server in Wireshark:
openssl ocsp -issuer root-ca.crt -CAfile root-ca.crt -cert root-ocsp.crt -url http://127.0.0.1:9080with filter
port 9080applied to loopback (device?) I get necessary tcp packages:
How to show their content in oscp format?
P.S. I cannot apply
oscpfilter, wireshark mark it with red.-
Admin about 7 yearsSince this is a HTTP request which includes the OCSP request you have to use HTTP as the protocol to show the details. IMHO Wireshark then displays the OCSP request and response in the body of the request/response as long as they have the correct Content-Type set. -
Admin about 7 yearsI have recorded transaction on image, when I write
httptoApply a display filter...no packages is displayed, how I must setHTTP as the protocol to show the details? As you can see, content-type is present -
Admin about 7 yearsA display filter filters only, i.e. does not change how data are displayed but only which data are displayed. You have to change how the data are decoded instead. How this is done depends on the version of Wireshark. But for example
Analyze | Decode Asin current version. -
Admin about 7 yearsThanks, your answers had pushed me on right solution. It was very important for me
-
