Firstly, the SSL dissector has been renamed to TLS, so everything else, e.g. preferences, has been adjusted accordingly.
Secondly, the configuration is slightly simpler now if using a private RSA server key; only the RSA Keys entry is listed. The key file should be in PEM format, i.e. it should be text and have "-----BEGIN RSA PRIVATE KEY-----", or a PKCS#12 store, i.e. a pfx file.
Thirdly, a private RSA key can only be used to decrypt the traffic if the following are true:
- The cipher suite selected by the server is not using (EC)DHE.
- The protocol version is SSLv3, (D)TLS 1.0-1.2. It does not work with TLS 1.3.
- The private key matches the server certificate. It does not work with the client certificate, nor the Certificate Authority (CA) certificate.
- The session has not been resumed. The handshake must include the ClientKeyExchange handshake message.
See the wiki TLS page for more info.
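
A way to pre-check a captured handshake against the conditions listed above, as an added example that is not part of the original answer and is not Wireshark code. The function names, the `RSA_KX` subset and the sample bytes are assumptions made here; it handles TLS over TCP only (not DTLS), assumes handshake messages are not split across records, and does not test whether the key matches the server certificate. For brevity the constructed sample packs both sides' messages into one record.

```python
import struct

# Static-RSA key exchange suites (IANA values); a subset, extend as needed.
RSA_KX = {0x000A, 0x002F, 0x0035, 0x003C, 0x003D, 0x009C, 0x009D}
OK_VERSIONS = {0x0300, 0x0301, 0x0302, 0x0303}  # SSLv3, TLS 1.0-1.2

def handshake_messages(stream):
    """Yield (type, body) for cleartext handshake messages in TLS records."""
    pos = 0
    while pos + 5 <= len(stream):
        ctype, _ver, rlen = struct.unpack_from("!BHH", stream, pos)
        frag = stream[pos + 5:pos + 5 + rlen]
        pos += 5 + rlen
        if ctype == 20:        # ChangeCipherSpec: what follows is encrypted
            return
        off = 0
        while ctype == 22 and off + 4 <= len(frag):
            mlen = int.from_bytes(frag[off + 1:off + 4], "big")
            yield frag[off], frag[off + 4:off + 4 + mlen]
            off += 4 + mlen

def rsa_key_blockers(stream):
    """List reasons the server's RSA key cannot decrypt this handshake."""
    version = suite = None
    saw_cke = False
    for mtype, body in handshake_messages(stream):
        if mtype == 2 and len(body) >= 35 and len(body) >= 37 + body[34]:
            version = struct.unpack_from("!H", body)[0]        # ServerHello
            suite = struct.unpack_from("!H", body, 35 + body[34])[0]
        elif mtype == 16:                        # ClientKeyExchange
            saw_cke = True
    if suite is None:
        return ["no ServerHello in capture"]
    blockers = []
    if 0x1301 <= suite <= 0x1305:                # TLS 1.3-only suites
        blockers.append("TLS 1.3 negotiated")
    elif version not in OK_VERSIONS:
        blockers.append("unsupported protocol version")
    elif suite not in RSA_KX:
        blockers.append("suite 0x%04X is not in the static-RSA list" % suite)
    if not saw_cke:
        blockers.append("no ClientKeyExchange (resumed or partial capture)")
    return blockers

def sample(suite, with_cke=True):  # constructed records, not a real capture
    msgs = [(2, struct.pack("!H32sBHB", 0x0303, bytes(32), 0, suite, 0))]
    msgs += [(16, bytes(130))] if with_cke else []
    body = b"".join(bytes([t]) + len(b).to_bytes(3, "big") + b for t, b in msgs)
    return struct.pack("!BHH", 22, 0x0303, len(body)) + body + b"\x14\x03\x03\x00\x01\x01"
```

An empty list from `rsa_key_blockers` means none of the checked conditions rules out RSA-key decryption; feed it the raw TLS record bytes of one connection in capture order.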