Discussion:
can't load private key from /root/foo.pem
Thiago Moreira (timba)
2010-01-18 19:12:12 UTC
Permalink
Hi there,

I'm facing the following error when adding a private key to the "RSA key
list" field on Wireshark preferences.

can't load private key from /root/foo.pem

The key was generated by $JAVA_HOME/bin/keytool and then I used the
following commands to export it to a PEM format

keytool -importkeystore -srckeystore .keystore -destkeystore foo.p12
-srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem

My question is how can I find out what is going on? Is there any debug
flag that can use to help me find out the issue?

Thanks in advance

Thiago Moreira
Sake Blok
2010-01-18 20:48:06 UTC
Permalink
The file /root/foo.pem probably contains both the certificate and the key. You should delete the part with the certificate. Or you could use the following openssl command:

openssl pkcs12 -in foo.p12 -out foo.pem -nodes -nocerts

Hope this helps,
Cheers,
Sake



----- Original Message -----
From: Thiago Moreira (timba)
To: wireshark-users-IZ8446WsY0/***@public.gmane.org
Sent: Monday, January 18, 2010 8:12 PM
Subject: [Wireshark-users] can't load private key from /root/foo.pem


Hi there,


I'm facing the following error when adding a private key to the "RSA key list" field on Wireshark preferences.


can't load private key from /root/foo.pem


The key was generated by $JAVA_HOME/bin/keytool and then I used the following commands to export it to a PEM format


keytool -importkeystore -srckeystore .keystore -destkeystore foo.p12 -srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem


My question is how can I find out what is going on? Is there any debug flag that can use to help me find out the issue?


Thanks in advance


Thiago Moreira
Thiago Moreira (timba)
2010-01-18 23:07:42 UTC
Permalink
Thank you Sake! The error message has gone away.

But I'm still not able to see the header of http in a plain text. I'm
using the context menu "Decode As.." to decode the encrypted packet but no
success! Any clue?

Thanks
Post by Sake Blok
The file /root/foo.pem probably contains both the certificate and the
key. You should delete the part with the certificate. Or you could use the
openssl pkcs12 -in foo.p12 -out foo.pem *-nodes -nocerts*
**
Hope this helps,
Cheers,
Sake
----- Original Message -----
*Sent:* Monday, January 18, 2010 8:12 PM
*Subject:* [Wireshark-users] can't load private key from /root/foo.pem
Hi there,
I'm facing the following error when adding a private key to the "RSA key
list" field on Wireshark preferences.
can't load private key from /root/foo.pem
The key was generated by $JAVA_HOME/bin/keytool and then I used the
following commands to export it to a PEM format
keytool -importkeystore -srckeystore .keystore -destkeystore foo.p12
-srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem
My question is how can I find out what is going on? Is there any debug
flag that can use to help me find out the issue?
Thanks in advance
Thiago Moreira
------------------------------
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
Sake Blok
2010-01-19 07:36:24 UTC
Permalink
There is no need to use the "Decode As..." if you configure the RSA key list correctly in the SSL protocol preferences. You should configure the RSA key list like this:

<server-ip>,<server-port>,<protocol inside ssl>,<key-file-location>

If I understand you correctly, your SSL traffic is not on port 443, so let's assume your server is at 10.0.0.1 and uses port 8443 and the protocol inside SSL is http, you would use:

10.0.0.1,8443,http,/root/foo.pem

Hope this helps,
Cheers,
Sake
----- Original Message -----
From: Thiago Moreira (timba)
To: Community support list for Wireshark
Sent: Tuesday, January 19, 2010 12:07 AM
Subject: Re: [Wireshark-users] can't load private key from /root/foo.pem




Thank you Sake! The error message has gone away.


But I'm still not able to see the header of http in a plain text. I'm using the context menu "Decode As.." to decode the encrypted packet but no success! Any clue?


Thanks


On Mon, Jan 18, 2010 at 6:48 PM, Sake Blok <sake-dNWzXRSXXtjz+***@public.gmane.org> wrote:

The file /root/foo.pem probably contains both the certificate and the key. You should delete the part with the certificate. Or you could use the following openssl command:

openssl pkcs12 -in foo.p12 -out foo.pem -nodes -nocerts

Hope this helps,
Cheers,
Sake



----- Original Message -----
From: Thiago Moreira (timba)
To: wireshark-users-IZ8446WsY0/***@public.gmane.org
Sent: Monday, January 18, 2010 8:12 PM
Subject: [Wireshark-users] can't load private key from /root/foo.pem


Hi there,


I'm facing the following error when adding a private key to the "RSA key list" field on Wireshark preferences.


can't load private key from /root/foo.pem


The key was generated by $JAVA_HOME/bin/keytool and then I used the following commands to export it to a PEM format


keytool -importkeystore -srckeystore .keystore -destkeystore foo.p12 -srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem


My question is how can I find out what is going on? Is there any debug flag that can use to help me find out the issue?


Thanks in advance


Thiago Moreira




--------------------------------------------------------------------------


___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users-IZ8446WsY0/***@public.gmane.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request-IZ8446WsY0/***@public.gmane.org?subject=unsubscribe


___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users-IZ8446WsY0/***@public.gmane.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request-IZ8446WsY0/***@public.gmane.org?subject=unsubscribe
Thiago Moreira (timba)
2010-01-19 13:27:35 UTC
Permalink
Hey Sake,

This is my configuration: 127.0.0.1,8443,http,/home/tmoreira2020/foo.pem .
It is pretty straightforward like yours, except the IP address but it does
not work.

Is there a way to debug deeper on wireshark to know if the SSL key is
being used/loaded/matched?

Cheers

Thiago Moreira
Post by Sake Blok
There is no need to use the "Decode As..." if you configure the RSA key
list correctly in the SSL protocol preferences. You should configure the RSA
<server-ip>,<server-port>,<protocol inside ssl>,<key-file-location>
If I understand you correctly, your SSL traffic is not on port 443, so
let's assume your server is at 10.0.0.1 and uses port 8443 and the protocol
10.0.0.1,8443,http,/root/foo.pem
Hope this helps,
Cheers,
Sake
----- Original Message -----
*Sent:* Tuesday, January 19, 2010 12:07 AM
*Subject:* Re: [Wireshark-users] can't load private key from /root/foo.pem
Thank you Sake! The error message has gone away.
But I'm still not able to see the header of http in a plain text. I'm
using the context menu "Decode As.." to decode the encrypted packet but no
success! Any clue?
Thanks
Post by Sake Blok
The file /root/foo.pem probably contains both the certificate and the
key. You should delete the part with the certificate. Or you could use the
openssl pkcs12 -in foo.p12 -out foo.pem *-nodes -nocerts*
**
Hope this helps,
Cheers,
Sake
----- Original Message -----
*Sent:* Monday, January 18, 2010 8:12 PM
*Subject:* [Wireshark-users] can't load private key from /root/foo.pem
Hi there,
I'm facing the following error when adding a private key to the "RSA key
list" field on Wireshark preferences.
can't load private key from /root/foo.pem
The key was generated by $JAVA_HOME/bin/keytool and then I used the
following commands to export it to a PEM format
keytool -importkeystore -srckeystore .keystore -destkeystore foo.p12
-srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem
My question is how can I find out what is going on? Is there any debug
flag that can use to help me find out the issue?
Thanks in advance
Thiago Moreira
------------------------------
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
------------------------------
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
Ian Schorr
2010-01-19 13:38:21 UTC
Permalink
I've been having a lot of problems with the SSL and Kerberos
decryption lately. Odd thing I've found is that when I can decrypt on
a Windows release, I can't on a unix (at least, Linux and OS X). And
if I can decrypt on a Unix, I can't in Windows. It's traffic-dependent
somehow, but I haven't spent much time investigating. Maybe you're
having a similar problem?

Have you configured an ssl debug file (in the protocol prefs)?

-Ian
Post by Thiago Moreira (timba)
Hey Sake,
This is my configuration: 127.0.0.1,8443,http,/home/tmoreira2020/
foo.pem . It is pretty straightforward like yours, except the IP
address but it does not work.
Is there a way to debug deeper on wireshark to know if the SSL key
is being used/loaded/matched?
Cheers
Thiago Moreira
There is no need to use the "Decode As..." if you configure the RSA
key list correctly in the SSL protocol preferences. You should
<server-ip>,<server-port>,<protocol inside ssl>,<key-file-location>
If I understand you correctly, your SSL traffic is not on port 443,
so let's assume your server is at 10.0.0.1 and uses port 8443 and
10.0.0.1,8443,http,/root/foo.pem
Hope this helps,
Cheers,
Sake
----- Original Message -----
From: Thiago Moreira (timba)
To: Community support list for Wireshark
Sent: Tuesday, January 19, 2010 12:07 AM
Subject: Re: [Wireshark-users] can't load private key from /root/
foo.pem
Thank you Sake! The error message has gone away.
But I'm still not able to see the header of http in a plain text.
I'm using the context menu "Decode As.." to decode the encrypted
packet but no success! Any clue?
Thanks
The file /root/foo.pem probably contains both the certificate and
the key. You should delete the part with the certificate. Or you
openssl pkcs12 -in foo.p12 -out foo.pem -nodes -nocerts
Hope this helps,
Cheers,
Sake
----- Original Message -----
From: Thiago Moreira (timba)
Sent: Monday, January 18, 2010 8:12 PM
Subject: [Wireshark-users] can't load private key from /root/foo.pem
Hi there,
I'm facing the following error when adding a private key to the
"RSA key list" field on Wireshark preferences.
can't load private key from /root/foo.pem
The key was generated by $JAVA_HOME/bin/keytool and then I used
the following commands to export it to a PEM format
keytool -importkeystore -srckeystore .keystore -destkeystore
foo.p12 -srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem
My question is how can I find out what is going on? Is there any
debug flag that can use to help me find out the issue?
Thanks in advance
Thiago Moreira
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
Thiago Moreira (timba)
2010-01-19 14:10:56 UTC
Permalink
Hey Ian,

I just configured a file and got a bunch of this message:

dissect_ssl enter frame #1118 (first time)
conversation = 0xb24a8940, ssl_session = 0xb24a9610
record: offset = 0, reported_length_remaining = 2549
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 2544 ssl, state 0x17
association_find: TCP port 8443 found 0xba9e87e8
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 8443 found 0xba9e87e8

"no decoder available" is this my problem?

Thanks

Thiago Moreira
I've been having a lot of problems with the SSL and Kerberos decryption
lately. Odd thing I've found is that when I can decrypt on a Windows
release, I can't on a unix (at least, Linux and OS X). And if I can decrypt
on a Unix, I can't in Windows. It's traffic-dependent somehow, but I haven't
spent much time investigating. Maybe you're having a similar problem?
Have you configured an ssl debug file (in the protocol prefs)?
-Ian
On 20/01/2010, at 12:27 AM, "Thiago Moreira (timba)" <
Hey Sake,
This is my configuration: 127.0.0.1,8443,http,/home/tmoreira2020/foo.pem .
It is pretty straightforward like yours, except the IP address but it does
not work.
Is there a way to debug deeper on wireshark to know if the SSL key is
being used/loaded/matched?
Cheers
Thiago Moreira
Post by Sake Blok
There is no need to use the "Decode As..." if you configure the RSA key
list correctly in the SSL protocol preferences. You should configure the RSA
<server-ip>,<server-port>,<protocol inside ssl>,<key-file-location>
If I understand you correctly, your SSL traffic is not on port 443, so
let's assume your server is at 10.0.0.1 and uses port 8443 and the protocol
10.0.0.1,8443,http,/root/foo.pem
Hope this helps,
Cheers,
Sake
----- Original Message -----
*Sent:* Tuesday, January 19, 2010 12:07 AM
*Subject:* Re: [Wireshark-users] can't load private key from
/root/foo.pem
Thank you Sake! The error message has gone away.
But I'm still not able to see the header of http in a plain text. I'm
using the context menu "Decode As.." to decode the encrypted packet but no
success! Any clue?
Thanks
Post by Sake Blok
The file /root/foo.pem probably contains both the certificate and the
key. You should delete the part with the certificate. Or you could use the
openssl pkcs12 -in foo.p12 -out foo.pem *-nodes -nocerts*
**
Hope this helps,
Cheers,
Sake
----- Original Message -----
*Sent:* Monday, January 18, 2010 8:12 PM
*Subject:* [Wireshark-users] can't load private key from /root/foo.pem
Hi there,
I'm facing the following error when adding a private key to the "RSA
key list" field on Wireshark preferences.
can't load private key from /root/foo.pem
The key was generated by $JAVA_HOME/bin/keytool and then I used the
following commands to export it to a PEM format
keytool -importkeystore -srckeystore .keystore -destkeystore foo.p12
-srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem
My question is how can I find out what is going on? Is there any debug
flag that can use to help me find out the issue?
Thanks in advance
Thiago Moreira
------------------------------
___________________________________________________________________________
Archives: <http://www.wireshark.org/lists/wireshark-users>
http://www.wireshark.org/lists/wireshark-users
Unsubscribe: <https://wireshark.org/mailman/options/wireshark-users>
https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Archives: <http://www.wireshark.org/lists/wireshark-users>
http://www.wireshark.org/lists/wireshark-users
Unsubscribe: <https://wireshark.org/mailman/options/wireshark-users>
https://wireshark.org/mailman/options/wireshark-users
------------------------------
___________________________________________________________________________
Archives: <http://www.wireshark.org/lists/wireshark-users>
http://www.wireshark.org/lists/wireshark-users
Unsubscribe: <https://wireshark.org/mailman/options/wireshark-users>
https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Archives: <http://www.wireshark.org/lists/wireshark-users>
http://www.wireshark.org/lists/wireshark-users
Unsubscribe: <https://wireshark.org/mailman/options/wireshark-users>
https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Archives: <http://www.wireshark.org/lists/wireshark-users>
http://www.wireshark.org/lists/wireshark-users
Unsubscribe: <https://wireshark.org/mailman/options/wireshark-users>
https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
Ian Schorr
2010-01-19 14:35:31 UTC
Permalink
No, that fooled me too at first, but I get that for decrypted frames
as well. What else do you see?

On Wed, Jan 20, 2010 at 1:10 AM, Thiago Moreira (timba)
  Hey Ian,
  dissect_ssl enter frame #1118 (first time)
  conversation = 0xb24a8940, ssl_session = 0xb24a9610
  record: offset = 0, reported_length_remaining = 2549
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 2544 ssl, state 0x17
association_find: TCP port 8443 found 0xba9e87e8
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 8443 found 0xba9e87e8
 "no decoder available" is this my problem?
  Thanks
  Thiago Moreira
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users-IZ8446WsY0/***@public.gmane.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request-IZ8446WsY0/***@public.gmane.org?subject=unsubscribe
Thiago Moreira (timba)
2010-01-19 16:33:23 UTC
Permalink
I don't see anything else, I'm a beginner in SSL matters... Attached I
sent my SSL debug file... I appreciate if some one would be able to check if
there is something wrong on it.

Cheers

Thiago Moreira
Post by Ian Schorr
No, that fooled me too at first, but I get that for decrypted frames
as well. What else do you see?
On Wed, Jan 20, 2010 at 1:10 AM, Thiago Moreira (timba)
Post by Thiago Moreira (timba)
Hey Ian,
dissect_ssl enter frame #1118 (first time)
conversation = 0xb24a8940, ssl_session = 0xb24a9610
record: offset = 0, reported_length_remaining = 2549
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 2544 ssl, state 0x17
association_find: TCP port 8443 found 0xba9e87e8
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 8443 found 0xba9e87e8
"no decoder available" is this my problem?
Thanks
Thiago Moreira
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
Thiago Moreira (timba)
2010-01-20 13:33:05 UTC
Permalink
Hi there,

Any clue about my ssl-debug file?? I found this two messages on it that
might be causingissues or not??

ssl_generate_keyring_material not enough data to generate key (0x16
required 0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't generate keyring material

and

packet_from_server: is from server - FALSE

This last one only happens when the connection is not on port 8443. I
think this is the client -> http server way.

Thanks in advance

Thiago Moreira




On Tue, Jan 19, 2010 at 2:33 PM, Thiago Moreira (timba) <
Post by Thiago Moreira (timba)
I don't see anything else, I'm a beginner in SSL matters... Attached I
sent my SSL debug file... I appreciate if some one would be able to check if
there is something wrong on it.
Cheers
Thiago Moreira
Post by Ian Schorr
No, that fooled me too at first, but I get that for decrypted frames
as well. What else do you see?
On Wed, Jan 20, 2010 at 1:10 AM, Thiago Moreira (timba)
Post by Thiago Moreira (timba)
Hey Ian,
dissect_ssl enter frame #1118 (first time)
conversation = 0xb24a8940, ssl_session = 0xb24a9610
record: offset = 0, reported_length_remaining = 2549
dissect_ssl3_record: content_type 23
decrypt_ssl3_record: app_data len 2544 ssl, state 0x17
association_find: TCP port 8443 found 0xba9e87e8
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 8443 found 0xba9e87e8
"no decoder available" is this my problem?
Thanks
Thiago Moreira
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
Sake Blok
2010-01-20 16:06:57 UTC
Permalink
Post by Thiago Moreira (timba)
I don't see anything else, I'm a beginner in SSL matters... Attached I
sent my SSL debug file... I appreciate if some one would be able to check
if there is something wrong on it.
The problem is that you are using a DH cipher:

dissect_ssl3_hnd_srv_hello found CIPHER 0x0033 -> state 0x17

(cipher 0x33 = TLS_DHE_RSA_WITH_AES_128_CBC_SHA)

It is not possible to decrypt SSL sessions that use a DH cipher based
on network traffic and private key. You could restrict the cipher-list on
the client to make sure a cipher is chosen that makes it possible to decrypt.

Cheers,


Sake
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users-IZ8446WsY0/***@public.gmane.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request-IZ8446WsY0/***@public.gmane.org?subject=unsubscribe
Thiago Moreira (timba)
2010-01-20 16:36:16 UTC
Permalink
Hey Sake,

I'm using Chrome-4.0.249.43, Firefox-3.5.7 and Android emulator API level
1.6 all running on Ubuntu-9.10 and I didn't find a way to change/restrict
the list of ciphers... Is it possible on these clients?

Thanks again!

Thiago Moreira
Post by Sake Blok
Post by Thiago Moreira (timba)
I don't see anything else, I'm a beginner in SSL matters... Attached
I
Post by Thiago Moreira (timba)
sent my SSL debug file... I appreciate if some one would be able to
check
Post by Thiago Moreira (timba)
if there is something wrong on it.
dissect_ssl3_hnd_srv_hello found CIPHER 0x0033 -> state 0x17
(cipher 0x33 = TLS_DHE_RSA_WITH_AES_128_CBC_SHA)
It is not possible to decrypt SSL sessions that use a DH cipher based
on network traffic and private key. You could restrict the cipher-list on
the client to make sure a cipher is chosen that makes it possible to decrypt.
Cheers,
Sake
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
Jakub Zawadzki
2010-01-20 16:54:35 UTC
Permalink
Post by Thiago Moreira (timba)
I'm using Chrome-4.0.249.43, Firefox-3.5.7 and Android emulator API level
1.6 all running on Ubuntu-9.10 and I didn't find a way to change/restrict
the list of ciphers... Is it possible on these clients?
In firefox you can enable/disable ciphers using about:config,
filer with "security.ssl"

false means disabled, true means enabled
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users-IZ8446WsY0/***@public.gmane.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request-IZ8446WsY0/***@public.gmane.org?subject=unsubscribe
Thiago Moreira (timba)
2010-01-18 18:53:57 UTC
Permalink
Hi there,

I'm facing the following error when adding a private key to the "RSA key
list" field on Wireshark preferences.

can't load private key from /root/foo.pem

The key was generated by $JAVA_HOME/bin/keytool and then I used the
following commands to export it to a PEM format

keytool -importkeystore -srckeystore .keystore -destkeystore foo.p12
-srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem

My question is how can I find out what is going on? Is there any debug
flag that can use to help me find out the issue?

Thanks in advance

Thiago Moreira
Ryan Zuidema
2010-01-21 18:23:01 UTC
Permalink
Post by Thiago Moreira (timba)
Thank you Sake! The error message has gone away.
But I'm still not able to see the header of http in a plain text. I'm
using the context menu "Decode As.." to decode the encrypted packet but no
success! Any clue?
Thanks
Post by Sake Blok
The file /root/foo.pem probably contains both the certificate and the
key. You should delete the part with the certificate. Or you could use the
openssl pkcs12 -in foo.p12 -out foo.pem *-nodes -nocerts*
**
Hope this helps,
Cheers,
Sake
----- Original Message -----
*Sent:* Monday, January 18, 2010 8:12 PM
*Subject:* [Wireshark-users] can't load private key from /root/foo.pem
Hi there,
I'm facing the following error when adding a private key to the "RSA key
list" field on Wireshark preferences.
can't load private key from /root/foo.pem
The key was generated by $JAVA_HOME/bin/keytool and then I used the
following commands to export it to a PEM format
keytool -importkeystore -srckeystore .keystore -destkeystore foo.p12
-srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem
My question is how can I find out what is going on? Is there any debug
flag that can use to help me find out the issue?
Thanks in advance
Thiago Moreira
------------------------------
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users-IZ8446WsY0/***@public.gmane.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request-IZ8446WsY0/***@public.gmane.org?subject=unsubscribe
Thiago Moreira (timba)
2010-01-22 19:28:57 UTC
Permalink
Hey Ryan,

I didn't get your reply! I'm still unable to decode ssl connections...

Cheers
Post by Thiago Moreira (timba)
Post by Thiago Moreira (timba)
Thank you Sake! The error message has gone away.
But I'm still not able to see the header of http in a plain text. I'm
using the context menu "Decode As.." to decode the encrypted packet but no
success! Any clue?
Thanks
Post by Sake Blok
The file /root/foo.pem probably contains both the certificate and the
key. You should delete the part with the certificate. Or you could use
the
Post by Thiago Moreira (timba)
Post by Sake Blok
openssl pkcs12 -in foo.p12 -out foo.pem *-nodes -nocerts*
**
Hope this helps,
Cheers,
Sake
----- Original Message -----
*Sent:* Monday, January 18, 2010 8:12 PM
*Subject:* [Wireshark-users] can't load private key from /root/foo.pem
Hi there,
I'm facing the following error when adding a private key to the "RSA
key
Post by Thiago Moreira (timba)
Post by Sake Blok
list" field on Wireshark preferences.
can't load private key from /root/foo.pem
The key was generated by $JAVA_HOME/bin/keytool and then I used the
following commands to export it to a PEM format
keytool -importkeystore -srckeystore .keystore -destkeystore
foo.p12
Post by Thiago Moreira (timba)
Post by Sake Blok
-srcstoretype jks -deststoretype pkcs12
openssl pkcs12 -in foo.p12 -out foo.pem
My question is how can I find out what is going on? Is there any debug
flag that can use to help me find out the issue?
Thanks in advance
Thiago Moreira
------------------------------
___________________________________________________________________________
Post by Thiago Moreira (timba)
Post by Sake Blok
Sent via: Wireshark-users mailing list <
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
___________________________________________________________________________
Post by Thiago Moreira (timba)
Post by Sake Blok
Sent via: Wireshark-users mailing list <
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
___________________________________________________________________________
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
?subject=unsubscribe
Loading...