aboutsummaryrefslogtreecommitdiffstats
path: root/mitmproxy/docs/dev/sslkeylogfile.rst
diff options
context:
space:
mode:
Diffstat (limited to 'mitmproxy/docs/dev/sslkeylogfile.rst')
-rw-r--r--mitmproxy/docs/dev/sslkeylogfile.rst14
1 files changed, 14 insertions, 0 deletions
diff --git a/mitmproxy/docs/dev/sslkeylogfile.rst b/mitmproxy/docs/dev/sslkeylogfile.rst
new file mode 100644
index 00000000..04b86cc4
--- /dev/null
+++ b/mitmproxy/docs/dev/sslkeylogfile.rst
@@ -0,0 +1,14 @@
+.. _sslkeylogfile:
+
+TLS Master Secrets
+==================
+
+The SSL master keys can be logged by mitmproxy so that external programs can decrypt TLS
+connections both from and to the proxy. Key logging is enabled by setting the environment variable
+:envvar:`SSLKEYLOGFILE` so that it points to a writable text file.
+Recent versions of WireShark can use these log files to decrypt packets.
+You can specify the key file path in WireShark via
+:samp:`Edit -> Preferences -> Protocols -> SSL -> (Pre)-Master-Secret log filename`.
+
+Note that :envvar:`SSLKEYLOGFILE` is respected by other programs as well, e.g. Firefox and Chrome.
+If this creates any issues, you can set :envvar:`MITMPROXY_SSLKEYLOGFILE` alternatively.
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-18 11:35:16 +0000