How to take a tcpip packet trace with SSLKEYLOGFILE file?
Hello, I am trying to view TLS/SSL traffic coming from a Client application (let's call App1) running on zOS side and talking in TLS two way secured connection to a target application (let's call App2) running on Linux server. I could take a TCPIP packet trace using a tcpdump command and want to take advantage from Wireshark capability to decryot SSL traffic (and so able to see exchanged certificates and other interesting things) having a SSLKEYLOGFILE env variable specified and pointing to a SSL Key log file (that needs to be specified as Pre-shared key file). I have specified (I have tried either on client and server side) the following: EXPORT SSLKEYLOGFILE="my_path_name/myssl.log" and capture a TCPIP Packet trace with command: tcpdump -i any -s0 port ppp and host xxxx.xxxx.xxxx.xxxx or host yyyy.yyyy.yyyy.yyyy -w /tmp/mycapture & The result is that tcpip packet trace is indeed created but I cannot create any myssl.log file under SSLKEYLOGFILE specified dir. Do you have some suggestions to provide? How can I take a Wireshark trace with the SSL>> (Pre)-Master-Secret log filename created? Thanks and bye
