This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 5 and 6
Revision 5 as of 2006-06-05 03:19:10
Size: 1522
Editor: localhost
Comment:
Revision 6 as of 2007-10-01 16:32:23
Size: 1934
Editor: proxy21-ic-ext
Comment: added link to CMPv2 sample and added a reference to the RFC4211 - CRMF
Deletions are marked like this. Additions are marked like this.
Line 28: Line 28:
 * attachment:SampleCaptures/cmp-in-http-with-errors-in-cmp-protocol.pcap.gz CMP version 2 encapsulated in HTTP on port 4711. Full "Initialization Request" and rejected "Key Update Request". There are some errors in the CMP packages.
Line 45: Line 46:
  * [http://www.ietf.org/rfc/rfc4211.txt RFC 4211] ''Certificate Request Message Format'' is more or less bound to CMP. This Version obsoletes RFC 2511 and is used by RFC 4210

Certificate Management Protocol (CMP)

CMP is a protocol for managing Public Key Infrastrictures (PKI) based on X.509v3 certificates. Protocol messages are defined for certificate creation and management. It is used by commercial PKI products as Entrust Security Manager and Unicert

History

TODO:

Protocol dependencies

  • ["TCP"]: CMP can use ["TCP"] or ["HTTP"] as its transport protocol. The well known TCP port for CMP traffic is 829.

Example traffic

TODO: Add example traffic here (as plain text or Wireshark screenshot).

Wireshark

TODO:

Preference Settings

TODO:.

Example capture file

  • attachment:SampleCaptures/cmp-trace.pcap.gz CMP certificate requests
  • attachment:SampleCaptures/cmp-in-http-with-errors-in-cmp-protocol.pcap.gz CMP version 2 encapsulated in HTTP on port 4711. Full "Initialization Request" and rejected "Key Update Request". There are some errors in the CMP packages.

Display Filter

A complete list of CMP display filter fields can be found in the [http://www.wireshark.org/docs/dfref/c/cmp.html display filter reference]

  • Show only the CMP based traffic:

     cmp 

Capture Filter

You cannot directly filter CMP protocol while capturing. However, if you know the ["TCP"] port used (see above), you can filter on that one.

  • Capture only the CMP traffic over the default port (829):

     tcp port 829 

Discussion

CMP (last edited 2013-02-16 10:47:51 by LTejas)