On Thu, Nov 06, 2003 at 09:21:38AM +0100, Lutz Jaenicke wrote:
> Hmm. ssldump (http://www.rtfm.com/ssldump) does have the ability to
> perform this task. Maybe you can get some hint by "studying" its
> implementation :-)
I don't think it really works - I certainly never got it to work.
It actually says:
"ssldump can decrypt traffic between two hosts if the following two
conditions are met:
1. ssldump has the keys.
2. Static RSA was used."
I don't know what "Static RSA" is - but I guess my Apache servers don't have
it :-<
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
