I have PEM key and RSA key on hand, when I was trying to analysis the wireshark pcapng file which logged on my networking nodes, the tls encrypted tls/ssl package contents can NOT be decrypted as shown below:
The pem key info printed with openssl(x509) as shown below:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:.......................:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=changeme changeme Company, OU=IT, CN=changeme Corporate Issuing CA 01
Validity
Not Before: Sep 9 09:27:27 2019 GMT
Not After : Sep 8 09:27:27 2020 GMT
Subject: C=US, ST=DC, L=ST, O=changeme changeme Company, OU=IT, CN=cmeptgapp.changeme.net
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00..........................................d4:
..............
eb..........................................af:
44:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:58:...................3C:88
X509v3 Authority Key Identifier:
keyid:AB:1......................................:21
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.changeme.com/pki/tdtd
Authority Information Access:
CA Issuers - URI:http://crl.changeme.com/pki/dtfh.crt
OCSP - URI:http://whoknows.changeme.com/whoknows
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
1.3............d...
X509v3 Extended Key Usage:
TLS Web Server Authentication
1............10:
.
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.45807.509.1.2
CPS: http://nobody.changeme.com/policies/nobodykonows.html
X509v3 Subject Alternative Name:
DNS:cmeptgapp.changeme.net
Signature Algorithm: sha256WithRSAEncryption
05................................................:e4:
......................................................................
...................................................:7b
I have tried to decrypt the package content by:
1. edit the wireshark/preference/protocol/ssl/RSA key
2. editcap command
but unfortunately no one works, possibly I used the commands wrong. How to solve this problem?