Printer FriendlyEmail Article Link

How to view encrypted SUPL messages in Wireshark?


 By default, all SUPL messages during TLS negotiation are encrypted and cannot be viewed in Wireshark. It's necessary to input the decryption key to let Wireshark fully decode the messages. Steps to accomplish this are as follows:

1. Selecting menu "Edit" -> "Preferences" item

2. Choose "SSL" under "Protocols" tree in the window on the left hand side

3. Input the following in the "RSA keys list" field ",7275,ulp,C:\Program Files\Spirent Communications\TestDrive ULTS\PRIVATEKEYS\spirentkey.pem"

After that, all TLS negotiation messages and SUPL messages can be decoded and viewed in Wireshark