Forum Discussion
NimbostratusSSLDump PMS File Issues.
I am working with the SSLDump Utility and I am running into issues generating the PMS file to decrypt the traffic. I have a feeling it ihas nothing to do with my pcap (yet). when I run the following command I get the following errors:
ssldump -r ~/ssldump.pcap -k -M ~/client1.pms
"Problem loading private key"
"ERROR: Couldn't create network handler"
Are the ssl keys in fact stored in this directory? This is what I have been trying to use at least:
/config/filestore/files_d/Common_d/certificate_key_d/
4 Replies
What_Lies_Bene1Cirrostratus
Hmmm, the location of keys gets a bit confusing. You're best bet is to run a find and then you can be sure;
find / -iname *.key
amolariIt's not -k
but
-k (full path and file)
such as, for exampl
ssldump -r /var/tmp/www-ssl-client1.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:test.org.key_1 -M /var/tmp/client1.pms
- aspindler34_133
Thanks gentlemen, I was able to get this working. For what ever reason, my key file was located in that directory I listed above. It was not located in the "/config/ssl/ssl.key/" also my syntax was off a bit.
Heres the revised command I used that was successful:
ssldump -r ssldump1.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:Test_SSL.key_26994_1 -M ~/client1.pms
After I saved the capture locally this worked and printed me the rsa keys I needed, thanks for all the help.
swo0sh_gt_13163Altostratus
Did you check if the PMS helped you decrypt the traffic in Wireshark? Also did your require to neglect DHE / ECDHE ciphers from Client/Server SSL Profiles to decrypt the traffic in Wirshark? Can you please share steps if you successfully decrypted the SSL Traffic in Wirshark?
