For example: 202.127.168.21:443
I tried the command
openssl s_client -connect server:port 2>&1 | sed -ne "/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p" > cert.pem
from "Using openssl to get the certificate from a server"
DEBUG.TXT
Wireshark SSL debug log
ssl_load_key: can't import pem data: Base64 unexpected header error.
dissect_ssl enter frame #4 (first time)
ssl_session_init: initializing ptr 05EA6D14 size 592
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 240
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 235, ssl state 0x00
association_find: TCP port 3204 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 231 bytes, remaining 240
packet_from_server: is from server - FALSE
ssl_find_private_key server 202.127.168.21:443
ssl_find_private_key can't find private key for this server! Try it again with universal port 0
ssl_find_private_key can't find private key for this server (universal port)! Try it again with universal address 0.0.0.0
ssl_find_private_key can't find any private key!
dissect_ssl3_hnd_hello_common found CLIENT RANDOM -> state 0x01
dissect_ssl enter frame #6 (first time)
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 86
dissect_ssl3_record found version 0x0303(TLS 1.2) -> state 0x11
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 81, ssl state 0x11
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 77 bytes, remaining 86
dissect_ssl3_hnd_hello_common found SERVER RANDOM -> state 0x13
ssl_restore_session can't find stored session
trying to use SSL keylog in
failed to open SSL keylog
cannot find master secret in keylog file either
dissect_ssl3_hnd_srv_hello found CIPHER 0x0005 -> state 0x17
dissect_ssl3_hnd_srv_hello trying to generate keys
ssl_generate_keyring_material not enough data to generate key (0x17 required 0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't generate keyring material
dissect_ssl enter frame #7 (first time)
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 6
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - TRUE
ssl_change_cipher SERVER
dissect_ssl enter frame #9 (first time)
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 41
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 36, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 203 offset 5 length 9339809 bytes, remaining 41
dissect_ssl enter frame #10 (first time)
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 47
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
packet_from_server: is from server - FALSE
ssl_change_cipher CLIENT
record: offset = 6, reported_length_remaining = 41
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 36, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 237 offset 11 length 3359662 bytes, remaining 47
dissect_ssl enter frame #11 (first time)
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 776
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 771, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 3204 found 00000000
association_find: TCP port 443 found 05363358
dissect_ssl enter frame #13 (first time)
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 1460
need_desegmentation: offset = 0, reported_length_remaining = 1460
dissect_ssl enter frame #23 (first time)
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 10305
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 10300, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 05363358
dissect_ssl enter frame #24 (first time)
conversation = 05EA68F0, ssl_session = 05EA6D14
record: offset = 0, reported_length_remaining = 30
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 25, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 443 found 05363358
dissect_ssl enter frame #28 (first time)
ssl_session_init: initializing ptr 05EA8568 size 592
conversation = 05EA8328, ssl_session = 05EA8568
record: offset = 0, reported_length_remaining = 1
dissect_ssl enter frame #9 (already visited)
conversation = 05EA68F0, ssl_session = 00000000
record: offset = 0, reported_length_remaining = 41
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 203 offset 5 length 9339809 bytes, remaining 41
dissect_ssl enter frame #10 (already visited)
conversation = 05EA68F0, ssl_session = 00000000
record: offset = 0, reported_length_remaining = 47
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
record: offset = 6, reported_length_remaining = 41
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 237 offset 11 length 3359662 bytes, remaining 47
dissect_ssl enter frame #11 (already visited)
conversation = 05EA68F0, ssl_session = 00000000
record: offset = 0, reported_length_remaining = 776
dissect_ssl3_record: content_type 23 Application Data
association_find: TCP port 3204 found 00000000
association_find: TCP port 443 found 05363358
dissect_ssl enter frame #7 (already visited)
conversation = 05EA68F0, ssl_session = 00000000
record: offset = 0, reported_length_remaining = 6
dissect_ssl3_record: content_type 20 Change Cipher Spec
dissect_ssl3_change_cipher_spec
dissect_ssl enter frame #6 (already visited)
conversation = 05EA68F0, ssl_session = 00000000
record: offset = 0, reported_length_remaining = 86
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 2 offset 5 length 77 bytes, remaining 86
dissect_ssl enter frame #4 (already visited)
conversation = 05EA68F0, ssl_session = 00000000
record: offset = 0, reported_length_remaining = 240
dissect_ssl3_record: content_type 22 Handshake
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 231 bytes, remaining 240
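How do I get the private key? From https://security.stackexchange.com/questions/20789/ssl-decryption-in-wireshark: "To decrypt you need the private key. The server's certificate, sent as part of the initial steps of the SSL connection (the "handshake"), only contains the public key (which is not sufficient to decrypt)." Is that true?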
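A triage of the debug log above, as an added example that is not part of the original post: it checks which PEM blocks a file carries (the sed command in the question keeps only CERTIFICATE blocks) and summarises from the log lines why Wireshark had nothing to decrypt with. The names `pem_labels`, `has_private_key`, `triage` and `CIPHER_KEX` are hypothetical, and the sample inputs are constructed in the format of the log lines shown.

```python
import re

# Constructed sample: a few lines in the format of the debug log above.
SAMPLE_LOG = """\
ssl_load_key: can't import pem data: Base64 unexpected header error.
ssl_find_private_key server 202.127.168.21:443
ssl_find_private_key can't find any private key!
failed to open SSL keylog
cannot find master secret in keylog file either
dissect_ssl3_hnd_srv_hello found CIPHER 0x0005 -> state 0x17
"""
# Constructed placeholder for a file holding only a certificate block.
CERT_ONLY = "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n"

# Small subset of IANA cipher suite IDs -> (name, key exchange); extend as needed.
CIPHER_KEX = {
    0x0005: ("TLS_RSA_WITH_RC4_128_SHA", "RSA"),
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", "RSA"),
    0x0033: ("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "DHE"),
    0xC02F: ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "ECDHE"),
}

def pem_labels(pem_text):
    """Return the labels of all PEM blocks, e.g. ['CERTIFICATE']."""
    return re.findall(r"-----BEGIN ([A-Z0-9 ]+)-----", pem_text)

def has_private_key(pem_text):
    """True if the text carries a private-key block; a certificate alone does not."""
    return any(label.endswith("PRIVATE KEY") for label in pem_labels(pem_text))

def triage(log_text):
    """Summarise from debug-log lines why the dissector could not decrypt."""
    findings = {
        "key_import_failed": "ssl_load_key: can't import pem data" in log_text,
        "no_private_key": "can't find any private key" in log_text,
        "no_keylog_secret": "cannot find master secret in keylog" in log_text,
        "cipher": None, "kex": None,
    }
    m = re.search(r"found CIPHER (0x[0-9A-Fa-f]{4})", log_text)
    if m:
        cid = int(m.group(1), 16)
        findings["cipher"], findings["kex"] = CIPHER_KEX.get(cid, (m.group(1), "unknown"))
    # A server RSA private key only helps when the key exchange is plain RSA;
    # (EC)DHE sessions need the session secrets from a key log instead.
    findings["rsa_key_would_decrypt"] = findings["kex"] == "RSA"
    return findings
```
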