# Revision history [back]

Using a more canonical reference such as the project's own wiki page on TLS you should note the following about decryption:

The RSA private key file can only be used in the following circumstances:

• The cipher suite selected by the server is not using (EC)DHE.

And as the linked article notes, you can determine if a DH key exchange is in use by examining the SSL debug log and looking for the cipher being used. From your log:

ssl_set_cipher found CIPHER 0xC030 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 -> state 0x97


So a DH keyexchange is occurring and an RSA master key will not be able to decrypt the data, you will need a pre-master secret from the sslkeylogfile. The debug log indicates that the TLS dissector couldn't find valid keying material in the keylog file:

ssl_dissect_change_cipher_spec Session resumption using Session ID