Debugging HTTPS

Wireshark will decode TLS (and old SSL) if provided with the keys. Typically you will want to do this with HTTPS, so Google Chrome and Firefox both support a feature to save the KEYS into a file. This file can be configured in Wirehsark.

Configure SSL Key File

Before launching the browser, ensure SSLKEYLOGFILE env variable is set, e.g. add the following line into ~/.bashrc:

export SSLKEYLOGFILE=/home/baz/.path/ssl-key.log

| You will need to kill and restart chrome for this to start work.

Configure Wireshark

Follow instructions in https://wiki.wireshark.org/TLS. The quick version of that is:

• Edit -> Preferences -> Protocols -> TLS
• (Pre)-Master-Secret log filename preference to $SSLKEYLOGFILE