Wireshark-users: Re: [Wireshark-users] export the private key on Windows?
From: "Jeffrey Ross" <jeff@xxxxxxxxxx>
Date: Mon, 9 Apr 2007 13:52:21 -0400 (EDT)
> On Mon, Apr 09, 2007 at 01:00:32PM -0400, Mark Roggenkamp wrote:
>> Also, if the https session isn't using client auth then you probably
>> only
>> need the private key of the WebSeal host.
>
> Even if the https-connection IS using a client-certificate, the private
> key of the client-certificate is only used for authentication and is not
> taking part in the encryption of the session. Only the private key of
> the server-certificate is used to generate the session-keys :)
>
> Cheers,
>
>
> Sake

ok, then I'm missing something or doing something wrong.  The key that was
given to me was in PKCS#12 format and I was provided the password for the
key.  I then used openssh to convert the key to RSA with the following
command (on a linux system - FC6):

openssl pkcs12 -in ./privatekey.p12 -out outkey.pem -nodes -nocerts

I was asked for the key password and entered it:
Enter Import Password: <password entered>
MAC verified OK

I removed the data before the line that started "BEGIN RSA PRIVATE KEY"
and used the line in wireshark:
10.1.0.3,443,http,d:\capture\outkey.pem

Where 10.1.0.3 is the IP address of the server that I have the private key
for.


So either I'm still doing something wrong or the administrator has
provided me with the incorrect key, possible but not likely.

Any help would be appreciated...

Jeff