Ask Your Question

Revision history [back]

Disable TLS decryption


Is there any config knob to disable TLS (and QUIC...) decryption even if the decryption keys are available?

I am thinking about the scenario where the keys are embedded in the pcapng file via "editcap --inject-secrets tls...".

I know that if the keys are saved in their own file I simply have to clear the parameter "TLS-> (Pre)Master-Secret log file", but having traffic and keys in the same file is incredibly practical