blob: 0c7a6d1b646e9f925e6dda3a7c30fdc8937dffb0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
---
title: "Wireshark and SSL/TLS"
menu:
howto:
weight: 1
---
# Wireshark and SSL/TLS Master Secrets
The SSL/TLS master keys can be logged by mitmproxy so that external programs can
decrypt SSL/TLS connections both from and to the proxy. Recent versions of
Wireshark can use these log files to decrypt packets. See the [Wireshark wiki](https://wiki.wireshark.org/SSL#Using_the_.28Pre.29-Master-Secret) for more information.
Key logging is enabled by setting the environment variable `SSLKEYLOGFILE` so
that it points to a writable text file:
{{< highlight bash >}}
SSLKEYLOGFILE="$PWD/.mitmproxy/sslkeylogfile.txt" mitmproxy
{{< / highlight >}}
You can also `export` this environment variable to make it persistent for all applications started from your current shell session.
You can specify the key file path in Wireshark via `Edit -> Preferences ->
Protocols -> TLS -> (Pre)-Master-Secret log filename`. If your SSLKEYLOGFILE
does not exist yet, just create an empty text file, so you can select it in
Wireshark (or run mitmproxy to create and collect master secrets).
Note that `SSLKEYLOGFILE` is respected by other programs as well, e.g., Firefox
and Chrome. If this creates any issues, you can use `MITMPROXY_SSLKEYLOGFILE`
instead without affecting other applications.
|
