Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, July 12, 2018 9:22 PM
I am trying to disable Diffie-Hellman ciphers so I can troubleshoot an https issue using Wireshark from my Windows 10 Surfact Pro 3.
I have followed the articles below
http://www.joji.me/en-us/blog/walkthrough-decrypt-ssl-tls-traffic-https-and-http2-in-wireshark
- I followed the export of the private key and the Internet Explorer instructions.
https://www3.trustwave.com/support/kb/Article.aspx?id=14784 - just tried this as a shot in the dark as it is for the server side.
When I run Wireshark, it still shows "Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)"
Is there something else I have to disable this in Windows 10?
All replies (2)
Friday, July 13, 2018 2:53 AM
How can disabling Diffie-Hellman cipher for packet inspection be secure?
Please Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
In fact, for Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) related question, you’d better ask for assistance from github forum directly, look at this case below.
https://github.com/dotnet/corefx/issues/15157
Thank you for understanding and cooperating.
Regards
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Friday, July 13, 2018 2:05 PM
I possibly did not explain myself completely from the original post.
Disabling DH is a temporary change. We cannot see the packets be captured because they are currently encrypted by the DH cipher. We want to turn this off on the Windows 10 PC side so we can see the packets. That is the first link provided.
For the GitHub, I am not following the connection, unfortunately. Maybe you can elaborate more. I am dealing with Win10 PC, SharePoint 2013 on Win 2012, and using Wireshark for packet capture.