DNS resolvings and full decrypting of HTTPS traffic
Hello, I have two new user questions
- How do I configure Wireshark to show a column with resolved destination address? I've tried to add custom column Host with value Net dest. addr (resolved), but showing still raw IP numbers.
- For full revelation of SSL secured communication, is it enough to define SSLKEYLOGFILE environment variable, direct Wireshark to use it in TLS protocol setting and let the monitored application run? I'm not using a web browser but desktop client for online service.
Have you verified (using
nslookup
or similar) that the IP address resolves to a name on the system running Wireshark?Not all applications/libraries support
SSLKEYLOGFILE
? Is it possible to verify this before configuring a test?I agree with Chuckc's update for the SSL decryption part. You need to check whether the libraries support it. You can also restart the machine once to see whether it helps. I have seen this multiple times where without rebooting the machine , SSLKEYLOGFILE environment variable doesn't record the keys.
Best Regards, Denzil D'Souza