![]() The solution is to disable Diffie-Hellman from the client or the server. The session key is transferred encrypted with a dynamically generated key pair (instead of encrypted with the public key from the certificate) if the SSL session is using a Diffie-Hellman cipher. We can confirm an SSL session is using a Diffie-Hellman cipher if the Cipher Suite value of the Server Hello message contains " ECDHE" or " DHE". If Wireshark still doesn't decrypt the TLS/SSL packets, then the SSL session may be using a Diffie-Hellman cipher. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |