From eec4c539f2f6b8124ab92d6087afb228874a479e Mon Sep 17 00:00:00 2001 From: Maximilian Hils Date: Sat, 28 Feb 2015 03:35:28 +0100 Subject: SSLKEYLOGFILE docs --- doc-src/_nav.html | 1 + doc-src/dev/index.py | 1 + doc-src/dev/sslkeylogfile.html | 8 ++++++++ 3 files changed, 10 insertions(+) create mode 100644 doc-src/dev/sslkeylogfile.html diff --git a/doc-src/_nav.html b/doc-src/_nav.html index 6c3afbe1..69175c0c 100644 --- a/doc-src/_nav.html +++ b/doc-src/_nav.html @@ -56,4 +56,5 @@
  • Hacking
    • $!nav("dev/architecture.html", this, state)!$ $!nav("dev/testing.html", this, state)!$ + $!nav("dev/sslkeylogfile.html", this, state)!$ diff --git a/doc-src/dev/index.py b/doc-src/dev/index.py index bb7872c7..0f2a6494 100644 --- a/doc-src/dev/index.py +++ b/doc-src/dev/index.py @@ -3,5 +3,6 @@ from countershape import Page pages = [ Page("testing.html", "Testing"), Page("architecture.html", "Architecture"), + Page("sslkeylogfile.html", "TLS Master Secrets"), # Page("addingviews.html", "Writing Content Views"), ] diff --git a/doc-src/dev/sslkeylogfile.html b/doc-src/dev/sslkeylogfile.html new file mode 100644 index 00000000..1826fc2e --- /dev/null +++ b/doc-src/dev/sslkeylogfile.html @@ -0,0 +1,8 @@ +The SSL master keys can be logged by mitmproxy so that external programs can decrypt TLS connections both from and to the proxy. +Key logging is enabled by setting the environment variable SSLKEYLOGFILE so that it points to a writable +text file. Recent versions of WireShark can use these log files to decrypt packets. +You can specify the key file path in WireShark via
    +Edit → Preferences → Protocols → SSL → (Pre)-Master-Secret log filename. + + Note that SSLKEYLOGFILE is respected by other programs as well, e.g. Firefox and Chrome. +If this creates any issues, you can set MITMPROXY_SSLKEYLOGFILE alternatively. \ No newline at end of file -- cgit v1.2.3