Wireshark-users: Re: [Wireshark-users] [Wireshark-announce] Question about the private key of a h
Date: Sun, 05 Apr 2009 10:29:00 +0800
Hi,

I read your description, and just give my opinion, though it maybe useless to you.

For the certification from CA, the certification must be customized to be exported while it is applied from CA, or else the certification cannot be export with private key.
In default, all windows certifications cannot be exported with private key. However when the certification is customized to be exported in applying process, the certification can be exported with private key. I have succeeded to export the user certification with private key in Windows XP, it need be customized in applying from CA. And windows 2000 or windows 2003 CA provide such parameter option to customize whether the private key can be exported.
For windows, I think it is the protection mechanism to keep these private key unavailable to export in default type. If you can switch the SSL certification with new one that you apply with customized method, you can get the exported .pfx file with private key.

So good luck, wish helpful to you!

Blue
2009-04-05
Mail: bluecloud_2000@xxxxxxx

On Wed, 2009-04-01 at 18:38 +0000, Wireshark announcements wrote:
Dear all,

I hope you may be able to help me. I am trying to debug and understand my network but have run into trouble when handling SSL packets. To make it easier to understand where I am up to, here are some details:

  • Currently I am using Wireshark on a windows PC.
  • Clearly I have physical access to the router and network switches, and access to my router's configuration / diagnostics etc.
  • I understand that to view SSL packets in Wireshark I need to obtain the private key from the SSL certificate on the server, decrypt it with open SSL and then load it as a .pem into Wireshark. (I think that's correct, please tell me if not).

The problem I'm having is that I can't export any certificates in the .pfx Personal Information Exchange format which I need, to be able to export the private key with the certificate.

If I am using a standard home router like the linksys except it's made by 2wire, is there some way I can get it off there?

Thank you in advance and I hope someone can point me in the right direction.

How



Windows Live Messenger just got better. Find out more!
___________________________________________________________________________
Sent via:    Wireshark-announce mailing list <wireshark-announce@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-announce
Unsubscribe: https://wireshark.org/mailman/options/wireshark-announce
             mailto:wireshark-announce-request@xxxxxxxxxxxxx?subject=unsubscribe