You can go to Edit → Preferences → Protocols → SSL and add the private key to the RSA keys list: The first option, providing Wireshark with the private keys, is by far the easiest. Firstly, you can configure Wireshark with the private keys used to encrypt the connection, and secondly, you can provide Wireshark with pre-master keys obtained from a client process that uses OpenSSL. When a connection is encrypted with SSL, it is impossible to dissect the MongoDB Wire Protocol data that is exchanged between client and server-unless a trick is employed to first decrypt that data.įortunately, Wireshark allows dissection and analysis of encrypted connections in two different ways.
It is common to enable SSL when talking to MongoDB, especially if the server communicates over a public network. In the conclusion of that first article, I alluded to the complications with inspecting SSL traffic in Wireshark, which I hope to cover in this post. This is a follow up post to Wireshark and MongoDB 3.6, in which I explained how I added support for MongoDB's OP_MSG and OP_COMPRESSED message formats to Wireshark.
0 kommentar(er)
