From August 19th 2020, SECTIGO issues SSL certificates with a maximum lifetime of 398 days (13 months) as specified by CA/Browser consortium. SSL certificates with a longer lifetime must be re-issued annually (free of charge). You'll receive reminders via e-mail. SSL certificates issued before August 19th 2020 remain valid until their planned expiry date. Code Signing & S/MIME certificates are not affected and remain valid until their planned expiry date.

Decrypting SSL traffic with tshark (private key required)

Sample:

#!/bin/bash
tshark -f "tcp port 80" -Y 'http.request || http.response'
#OR (for decrypting SSL. Won't work when using Diffie-Hellman, see Google why):
tshark -o "ssl.desegment_ssl_records: TRUE" -o "ssl.desegment_ssl_application_data: TRUE" -o "ssl.keys_list:78.46.156.164,443,http,/home/user/ssl/www.domain.key" -o "ssl.debug_file:ssldebug.log" -f "tcp port 443" -Y "http" -x
See also:
Forward secrecy

Was this answer helpful?

 Print this Article

Also Read

Perfect Forward Secrecy - Apache SSL/TLS Strong Encryption How-To

TL;DR: edit /etc/apache2/mods-enabled/ssl.conf and specify ciphers like this: # enable only...

PCI Compliance (Payment Card Industry Compliance

PCI stands for Payment Card Industry, data security standard and is defined by the PCI Security...

Why SHA-1 based SSL certificates should NOT be used anymore. Revoke old SHA-1 based certificates and get free SHA-2 ones! Here is why ...

All SSL certificates delivered by us are SHA-2 based by default since November 2014. Multiple...

Postfix TLS 1.3 and Perfect Forward Secrecy configuration

Settings for /etc/postfix/main.cf: # TLS parameters smtpd_tls_cert_file =...

IIS 7 7.5 8 Hardening SSL TLS - Windows Server 2008 R2 2012 R2 DISABLE SSL V2/3 POODLE BEAST - NARTAC IIS Crypto

(Free) IIS Crypto Tool for fast SSL cipher configuration under...