On Wed, May 13, 2020 at 08:16:59AM +0200, Daniel Stenberg wrote: > On Tue, 12 May 2020, brian m. carlson wrote: > > Sorry for going slightly off-topic, but I figure this could help as a sort > of PSA. > > > Since everyone uses HTTPS, it's not possible to perform this debugging > > using a tool like Wireshark unless you use a MITM CA cert, which seems > > excessive. > > When you want to Wireshark the connection with libcurl, your friend is > SSLKEYLOGFILE. If you set that environment variable (assuming the libcurl > TLS backend supports it - several do), libcurl will save the TLS secrets in > the file that environment variable mentions - at run-time in a format that > Wireshark understands. > > Then you can analyze the traffic, in real time, with Wirehark without > fiddling with a MITM etc. Very cool. I didn't know about that at all. Now I want to debug some https sessions... ;) Thank you! -Peff
