TLS解密对我不起作用。 [英] TLS Decryption not working for me.

问题描述

我无法让Message Analyzer的TLS解密工作。以下是我采取的步骤：

I can't get Message Analyzer's TLS decryption working. Here are the steps I took:

1。将所有TRCA证书导出到一个pfx文件，然后将该文件添加到MA。我不确定使用哪一个，这似乎是让这个工作最快的方法。

1. Exported all TRCA certs to one pfx file and then added that files to MA. I wasn't sure which one to use and this seem like the fastest way to get this working.

2。从"选项"菜单中将此文件添加到"消息分析器"。

2. Added this file to Message Analyzer from the Options menu.

2。使用本地网络接口进行跟踪，并通过将Word文档保存到OneDrive for Business来生成TLS流量。

2. Ran a trace using the Local Network Interface, and generated TLS traffic by saving a Word document to my OneDrive for Business.

捕获生成29条TLS消息，但解密工具仅报告17条加密消息，其中任何一条都无法解密。

The capture generated 29 TLS messages, though the Decryption tool only reports back 17 encrypted messages, none of which could be decrypted.

推荐答案

对于第1步，您是否导出了服务器端私有证书？ 这需要解密，因为客户端证书没有必要的信息。

For step 1, did you export the Server Side private certs?  This is required to decrypt as a client side cert doesn't have the necessary info.

对于列出的17个解密对话，当你点击一个时，你在Analysis Grid中看到了什么（它应该突出显示它们。）  它们仍显示为TLS，或者您是否看到TCP或重新组装的TCP模块。 如果它是后来的那么
可能是因为我们需要连接解析器，这是我们将继续做的事情。

For the 17 decrypted conversations listed, when you click on one, what do you see in the Analysis Grid (it should highlight them).   Doe they still show as TLS, or do you see TCP or Reassembled TCP modules instead.  If it's the later then it might be because we need to hook up the parsers still, which is something we continue to do over time.

BTW，另一种选择是使用未加密的HTTP方案首先捕获数据。 虽然我不能肯定这会起作用，但值得一试。

BTW, another option is to use the Unencrypted HTTP scenario to capture the data in the first place.  While I can't say for sure this will work, it could be worth a try.

这篇关于TLS解密对我不起作用。的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！