9/28/2023 0 Comments Wireshark capture httpsTo use the ssl key log file, we can import it into Wireshark:Īnd the captured packet will be automatically decrypted with the key. For example, to ask the curl command to export the key log file, we can export the SSLKEYLOGFILE environment variable:Īfter exporting the above variable, curl will automatically export the master key into the specified log file: sslkey.log, and we can see the content of the file:Īnd each time curl establishes the SSL communication, the master key for the communication will be appended to the end of the file as shown above, and then Wireshark can load this file and see the decrypted content of the communication. There is a standard way to export the master key from client, and it’s called sslkeylog. This key is symmitric and it’s used for encryption/decryption during the whole communication process. To capture the SSL communication between client and server, we need to ask the client to export the master key. And a Java program that do a request to a server is also a client. For example, we can use curl command to do a request to a website, then the curl command is the client side. The client means the program that initiates the communication. The reason of this fallback is that the Public Key Encryption method is expensive(CPU-intensive) and not necessary during the whole communication process. As the SSL/TLS standard defined, after the certificate exchanging and verification process is done, the communication channel will switch from RSA algorithm to symmetric encryption algorithm. The way to do this is to let the network communication client to export the master secret key after SSL certificate exchange. As SSL is currently the standard way during network communication, we need a way to let Wireshark can decrypt the packets to see the actual contents. Sometimes we need to use Wireshark to analyze the underlying network communication during project development. Using Wireshark And jSSLKeyLog To Capture The Java SSL Network Packets.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |