Wireshark-users: Re: [Wireshark-users] SSL decode "can't decrypt pre master secret"
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
Date: Thu, 19 Nov 2009 14:11:47 +0000
Clinton James wrote: 
Sake Blok wrote:
  
On Wed, Nov 18, 2009 at 12:49:03PM -0600, Clinton James wrote:
    
Sake Blok wrote:
      
On Tue, Nov 17, 2009 at 07:50:11AM -0600, Clinton James wrote:
        
I can't seem to decrypt an exchange.  Google doesn't seem to give me
much either.  I hoping someone can point me in the right direction.
My client app is contacting the server WWW.XXX.YYY.ZZZ via https.
[...]
ce 7a 51 81 ff b6 d7 79 eb 8c 2c d5 5e 38 63 f8
ssl_decrypt_pre_master_secret wrong pre_master_secret length (128,
expected 48)
dissect_ssl3_handshake can't decrypt pre master secret
          
Are you sure the private key is the right one for the certificate
offered by site WWW.XXX.YYY.ZZZ?
        
It is the same key I am using to establish the SSL connection to the
server.  By a google search, I saw someone else say that transposing the
IP in the SSL preference helped.  I have tried both and can't get it to
decode.
      
Ah... there is your problem. You need the *server* key, not the *client*
key, as it is not used for generating the session keys.
    
So there is no way to decode an SSL session from the client side?
Fiddler?  http://www.fiddler2.com/fiddler2/

-- 
Regards,

Graham Bloice