This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exports Sophos UTM Private Key to decrypt tcpdump

I have done a tcpdump from the Sophos UTM (UTM is SSL intercepting all SSL traffic at the moment). I would like to analyze the traffic from one particular client so I have done a tcpdump for that IP only. I have not been able to find the private key on the UTM though that will allow me to decrypt the SSL traffic in Wireshark. Someone suggested running this command as root.

cc get_objects_filtered '$_->{type} eq "signing_ca"'

This didn't seem to do anything. Anyone know how to export the default private key?

This thread was automatically locked due to age.

Parents

0 BAlfson over 9 years ago
teched, that will give him all of the signing CAs. How about:
cc get_object_by_name ca signing_ca 'Proxy CA'

But why not just download the PEM or PKCS#12 from the 'HTTPS CAs' tab in 'Filtering Options'?

Cheers - Bob
PS In fact, teched is the reason that I've learned so much about cc, and he's teaching us all new things almost daily.
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 9 years ago
teched, that will give him all of the signing CAs. How about:
cc get_object_by_name ca signing_ca 'Proxy CA'

But why not just download the PEM or PKCS#12 from the 'HTTPS CAs' tab in 'Filtering Options'?

Cheers - Bob
PS In fact, teched is the reason that I've learned so much about cc, and he's teaching us all new things almost daily.
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data