Uzair Farooq
Reputation: 2447
Wireshark not capturing HTTPS packets?
Wireshark is not capturing https packets. I've tried filtering them by portmap.port == 443 but no https packet is shown, however, http packets are captured fine.
Any suggestions?
Upvotes: 6
Views: 20849
Answers (1)
user862787
Reputation:
portmap refers to the ONC RPC portmapper protocol. That's only used for ONC RPC protocols such as NFS, YP, and the portmapper/rpcbind protocol itself.
HTTP, and HTTP-over-SSL/TLS, i.e. "https", do not use ONC RPC and, in particular, don't use the portmapper. They run atop TCP, so you'd want a display filter such as tcp.port == 443. (If you want a capture filter, so the only traffic you capture is traffic to or from port 443, port 443 would be the equivalent capture filter.)
Upvotes: 10
Related Questions
- How can I configure Wireshark to see HTTPS traffic?
- Wireshark not capturing any packets when I apply 'tcp port http' filter
- Wireshark on macOS does not parse HTTP packets
- Wireshark is not displaying http and https packets
- How to capture https traffic?
- Cannot decrypt HTTPS Traffic with Wireshark
- How do I sniff website url in a https packet request in wireshark?
- Decrypting HTTPS traffic in Wireshark not working
- how to capture HTTP packets in wireshark
- Can't get TcpCatcher to capture SSL traffic