For some reason even after previous step the traffic still shows up decrypted.pem is correct and works with wireshark by testing it with regular TLS traffic, where decryption works fine) pem format (notice that I have tested that this. Where: 5083 is the server port for WSS, and server.key is the private key of the server in.
Open capture.pcap in wireshark and go to Preferences > Protocols > SSL > RSA keys list > Add and add: any, 5083, tcp, server.key.Made sure that the negotiated cipher between client and server is NOT Diffie-Hellman so that it is decryptable using RSA key in wireshark.
I'm trying to decrypt WSS (websocket secure) traffic in in Wireshark, but for some reason I cannot make it work.
0 kommentar(er)
