Disable TLS decryption

asked 2020-11-25 13:11:33 +0000

ivan81 gravatar image


Is there any config knob to disable TLS (and QUIC...) decryption even if the decryption keys are available?

I am thinking about the scenario where the keys are embedded in the pcapng file via "editcap --inject-secrets tls...".

I know that if the keys are saved in their own file I simply have to clear the parameter "TLS-> (Pre)Master-Secret log file", but having traffic and keys in the same file is incredibly practical

edit retag flag offensive close merge delete