Hi,
I had a little trouble too, but google was a friend. As the certificate(s) are sent using SCEP, I looked up how SCEP transfers certificates and found out it is using pkcs7. Then the file is in DER form (as I could see several binary certificates in the exported HTTP object). Then openssl pkcs7 help did the rest. Here is how you can extract the certificates:
openssl pkcs7 -inform DER -in <exported-http-object-filename> -print_certs
Good luck!
Sake
On 2 mei 2013, at 09:11, radiatejava wrote:
> Wireshark users,
> I have a packet capture in which there are http requests (over plain
> connection, not SSL) and their response. Response received is
> certificate or chain of certificates, possibly in binary data. It
> shows the content type of the object as
> 'application/x-x509-ca-ra-cert'. However, when I try to do
> 'ExportObjects' > HTTP and export the object, it exports fine but I am
> not able to view that certificate using any tool (like openssl or any
> other).
>
> I am suspecting wireshark is not exporting either fully or some issue.
> I have attached the file 20130417-213837_TCPDump.pcap here
> https://skydrive.live.com/?cid=90024b432de06aed&id=90024B432DE06AED!1107&authkey=!AG9x61vd9JLHYL0
>
> Can someone tell me how do export the http response that has
> certificate so that I am view the certificate ? Appreciate the
> response here.
>
> Thanks/Satish.
> ___________________________________________________________________________
> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
