diff options
| -rw-r--r-- | doc-src/_nav.html | 1 | ||||
| -rw-r--r-- | doc-src/dev/index.py | 1 | ||||
| -rw-r--r-- | doc-src/dev/sslkeylogfile.html | 8 | 
3 files changed, 10 insertions, 0 deletions
| diff --git a/doc-src/_nav.html b/doc-src/_nav.html index 6c3afbe1..69175c0c 100644 --- a/doc-src/_nav.html +++ b/doc-src/_nav.html @@ -56,4 +56,5 @@      <li class="nav-header">Hacking</li>          $!nav("dev/architecture.html", this, state)!$          $!nav("dev/testing.html", this, state)!$ +        $!nav("dev/sslkeylogfile.html", this, state)!$  </ul> diff --git a/doc-src/dev/index.py b/doc-src/dev/index.py index bb7872c7..0f2a6494 100644 --- a/doc-src/dev/index.py +++ b/doc-src/dev/index.py @@ -3,5 +3,6 @@ from countershape import Page  pages = [       Page("testing.html", "Testing"),       Page("architecture.html", "Architecture"), +     Page("sslkeylogfile.html", "TLS Master Secrets"),  #    Page("addingviews.html", "Writing Content Views"),  ] diff --git a/doc-src/dev/sslkeylogfile.html b/doc-src/dev/sslkeylogfile.html new file mode 100644 index 00000000..1826fc2e --- /dev/null +++ b/doc-src/dev/sslkeylogfile.html @@ -0,0 +1,8 @@ +The SSL master keys can be logged by mitmproxy so that external programs can decrypt TLS connections both from and to the proxy. +Key logging is enabled by setting the environment variable <samp>SSLKEYLOGFILE</samp> so that it points to a writable +text file. Recent versions of WireShark can use these log files to decrypt packets. +You can specify the key file path in WireShark via<br> +<samp>Edit → Preferences → Protocols → SSL → (Pre)-Master-Secret log filename</samp>. + + Note that <samp>SSLKEYLOGFILE</samp> is respected by other programs as well, e.g. Firefox and Chrome. +If this creates any issues, you can set <samp>MITMPROXY_SSLKEYLOGFILE</samp> alternatively.
\ No newline at end of file | 
