 | 1 | initial version |
Only the endpoints of a TLS connection can provide the session keys. So the SSLKEYLOGFILE environment needs to be set for the TLS client (i.e. browser) or TLS server (i.e. web-service) -- not tcpdump.
For example if the application is written in Java, you may use the jSSLKeyLog library.
The procedure is described here: https://wiki.wireshark.org/TLS#using-the-pre-master-secret
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
