
Without any information to go on besides "Decryption for my local site does not work" and "decryption for some other sites does work", it is not possible to determine the reason why.

There are two major reasons for decryption to fail:

  • There was a browser window still open, so it did not take the SSLKEYLOGFILE variable (this does not seem to be your case, as you can decrypt some sites, but I'm not sure they were tried in the same session)

  • There was TLS session resumption, in which case the keying information needed to construct the TLS session keys with the logged pre-master secrets was not captured.

Is the random number in the ClientHello towards your server listed in the SSLKEYLOGFILE? If not, there is something going wrong in the collection of the pre-master secrets. If it is there, which cipher is chosen in the ServerHello? Do you see the full TLS handshake or a resumed one?

Can you make an example packet capture of a page on your server that is not privacy sensitive and share the pcap and keys file (on a public file share service like Dropbox, OneDrive, etc.)?
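One way to run the first check from the answer above, looking up a ClientHello random in the key log file, as an added example that is not part of the original answer or of Wireshark. It assumes the NSS key log format (`LABEL <client random hex> <secret hex>`); the function names and the sample key log are constructed for illustration.

```python
import re

# NSS key log labels that are keyed by the 32-byte ClientHello random.
TLS12_LABELS = {"CLIENT_RANDOM"}
TLS13_LABELS = {
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
    "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0",
}
LINE_RE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]{64}) ([0-9a-fA-F]+)$")

def index_keylog(text):
    """Map client random (lowercase hex) -> set of labels logged for it."""
    index = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE_RE.match(line)
        if m:  # lines not keyed by a 32-byte random (e.g. "RSA ...") are skipped
            index.setdefault(m.group(2).lower(), set()).add(m.group(1))
    return index

def normalize_random(value):
    """Accept the random as copied from a dissector: 'aabb', 'aa:bb' or 'aa bb'."""
    hexstr = re.sub(r"[^0-9a-fA-F]", "", value).lower()
    if len(hexstr) != 64:
        raise ValueError("ClientHello random must be 32 bytes")
    return hexstr

def check_random(keylog_text, client_random):
    """Return 'missing', 'tls12', 'tls13' or 'partial' for one ClientHello random."""
    labels = index_keylog(keylog_text).get(normalize_random(client_random), set())
    if not labels:
        return "missing"   # nothing was logged for this handshake
    if TLS12_LABELS <= labels:
        return "tls12"     # master secret for a TLS 1.2 (or older) session
    if TLS13_LABELS <= labels:
        return "tls13"     # handshake and application traffic secrets present
    return "partial"       # some TLS 1.3 secrets missing, decryption incomplete

# Constructed sample, not real key material.
R12, R13 = "11" * 32, "22" * 32
SAMPLE_KEYLOG = "\n".join([
    "# constructed key log",
    f"CLIENT_RANDOM {R12} {'ab' * 48}",
    f"CLIENT_HANDSHAKE_TRAFFIC_SECRET {R13} {'cd' * 32}",
    f"SERVER_HANDSHAKE_TRAFFIC_SECRET {R13} {'cd' * 32}",
])
```

A result of `missing` for the random taken from the ClientHello towards the local server points at key collection; any other result moves the question on to the cipher and whether the handshake was full or resumed.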
