Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Step by step SSL decrypt with wireshark


I want to decrypt my traffic from my browser (Firefox Quantum). It sends https traffic over my router, where I try to dump it with tcpdump. Then I want to decrypt that file with wireshark and I want to see if I can get the URLs that I visited. I read that I need a ssl key and a tls key in order to do that. However, it seems not to work. But I am sure that I am doing something wrong. Therefore I wanted to ask if my start is correct at all:

tcpdump -i wlan0 -s 0 port 443 -w dump.pcacp

Thanks jdoe