Decrypting SSL traffic with tshark (private key required)

Sample:

#!/bin/bash
tshark -f "tcp port 80" -Y 'http.request || http.response'
#OR (for decrypting SSL. Won't work when using Diffie-Hellman, see Google why):
tshark -o "ssl.desegment_ssl_records: TRUE" -o "ssl.desegment_ssl_application_data: TRUE" -o "ssl.keys_list:78.46.156.164,443,http,/home/user/ssl/www.domain.key" -o "ssl.debug_file:ssldebug.log" -f "tcp port 443" -Y "http" -x
See also:
Forward secrecy

Was this answer helpful?

 Print this Article

Also Read

How can i verify my SSL certification?

Please use the tools from our SSL Tools site which offer you all kinds of SSL checker tools for...

Check SSL security, installation and configuration

Feel free to use the collection of SSL tools we are providing to check your SSL configuration and...

Why SHA-1 based SSL certificates should NOT be used anymore. Revoke old SHA-1 based certificates and get free SHA-2 ones! Here is why ...

All SSL certificates delivered by us are SHA-2 based by default since November 2014. Multiple...

Perfect Forward Secrecy - Apache SSL/TLS Strong Encryption How-To

TL;DR: edit /etc/apache2/mods-enabled/ssl.conf and specify ciphers like this: # enable only...

What is PRE-SIGN FAILED? What is a CAA record? - DNS Certification Authority Authorization (CAA) Resource Record

The Certification Authority Authorization (CAA) DNS Resource Record allows a DNS domain name...