HI,
A new member of this forum, so hope I ask this question in the right category.
I am basically an APM/NPM guy, a port-mirroring-based solution would required us to import the private key used by customer into our sniffing probe to decrypt the HTTPS traffic.
Long story short: they have a application where one web tier and one middle-tier are both using IIS and are of the same private key. The way they exported out the key and give us is of course using IIS manager, and according to them, both the key exported out from the two tiers are one and the same.
So I've imported the key they gave into my sniffing probe, however my NPM tool was only able to decrypt the traffic of one tier, but not the others. But the customers insisted and pretty sure that the two tiers are using the same SSL keys.
So, what am I missing here? is it possible that both tier using the same private keys but different ciphers? If not, based on you guy's experience, what other possible scenarios would cause this to happen? I don't really get the chance to play around with their IIS manager.
Best Regards,
Wai Keat