您可以检查/监视使用Wireshark发送的请求中的客户端证书吗? [英] Can you check/monitor the client certificates sent in requests using Wireshark?
问题描述
我可以使用客户端证书在本地主机上发出HTTP请求。
I'm able to make HTTP requests on my local host using client certificates.
我的代码中有一些逻辑,可以使两个请求根据请求的条件使用或不使用同一证书。
I have some logic in my code that can make two requests use the same certificate for their requests, or not, depending on certain conditions.
我的本地主机当前指向默认的欢迎使用IIS页面。
My localhost is currently pointing to the default 'Welcome to IIS' page.
有什么方法可以使用Wireshark来检测在单独的请求中从我的计算机发送的客户端证书是否相同?
Is there any way to use Wireshark to detect if the client certificates that are being sent from my machine in separate requests are the same or not?
PS:如果有人可以提出更好的实现方法我想在这里做的事情也可以。我不一定需要使用Wireshark。我的主要目的是确定两个不同的请求是否正在发送相同的证书,如我在此处所述:
如何监视通过请求发送的客户端证书?
PS: If someone can suggest a better way of achieving what I'm trying to do here, that'd work as well. I don't necessarily need to use Wireshark. My main objective is to figure if two different requests are sending the same cert or not, as I've mentioned here: How do I monitor client certs that are being sent via the requests?
谢谢!
推荐答案
我找到了一种方法。 本指南总而言之,是的,您可以使用Wireshark来检查正在从客户端发送(或在服务器上接收到)哪些客户端证书。
I found a way to do this. This guide helped, in summary, yes, you can use Wireshark to examine what client certificates are being sent from the client (or received on the server).
您只需要在发出和处理请求的时间段内开始捕获Wireshark上的流量,然后添加适当的过滤器以根据协议进行过滤。就我而言,我基于发送者和接收者的IP地址对其进行过滤,因为我俩都知道。
You need to start capturing traffic on Wireshark, only for the period of time when the request(s) is made and processed, and then add the appropriate filters to filter based on the protocol. In my case, I filtered it based on the IP address of the sender and receiver because I knew both.
您将需要服务器的证书来解密邮件,因为它们将以加密格式传输。您可以通过编辑->首选项轻松地做到这一点。从左侧菜单中选择协议-> SSL->单击编辑。添加服务器的证书和IP,然后保存设置。
You'll need the server's certificate to decrypt the messages because they'll be transmitted in encrypted format. You can easily do that by going to Edit -> Preferences. Select Protocols from the menu on the left -> SSL -> Click edit. Add the server's cert and IP, and save the settings.
这篇关于您可以检查/监视使用Wireshark发送的请求中的客户端证书吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
