Tuesday, December 14, 2010

Decrypting SSL traffic with Wireshark: "ssl_load_key: can't import pem data"


One reason for the "ssl_load_key: can't import pem data" can be:
Open your PEM Key file.
It should read
-----BEGIN RSA PRIVATE KEY-----
Base64 encoded key
-----END RSA PRIVATE KEY-----
Occasionally you will end up with a key file in the following format, hence the "ssl_load_key: can't import pem data" error,
-----BEGIN PRIVATE KEY-----
Bse64 encoded key
-----END PRIVATE KEY-----
To convert it to the correct format that can be read by Wireshark you will need OpenSSL,
Enter the following commands into a console window:
> openssl pkcs8 -topk8 -in key.pem -out temp.pem
Enter a temporary password when prompted
And then to RSA format:
>openssl rsa -in temp.pem -out rsa.pem
Enter the temporary password from previous step when prompted.
Use rsa.pem in Wireshark

No comments:

Post a Comment