Do you need to integrate the decryption into your own software, or are you just looking for a possibility to monitor and view the traffic?
If it’s the latter, try and take a look at the SSL decryption support that Wireshark provides.
https://wiki.wireshark.org/TLS
https://www.comparitech.com/net-admin/decrypt-ssl-with-wireshark/
hth,
Matthias
Disclaimer: I haven’t used it for TLS myself, only for IPsec, and I can’t tell how up-to-date it is, in particular whether it is TLS 1.3 ready.
Dr. Matthias St. Pierre
Senior Software Engineer
matthias.st.pierre@xxxxxxxxx
Phone: +49 911 9968-0
www.ncp-e.com
Follow us on: Facebook | Twitter | Xing | YouTube | LinkedIn
Headquarters Germany: NCP engineering GmbH • Dombuehler Str. 2 • 90449 • Nuremberg
North American HQ: NCP engineering Inc. • 601 Cleveland Str., Suite 501-25 • Clearwater, FL 33755
Authorized representatives: Peter Soell, Patrick Oliver Graf, Beate Dietrich
Registry Court: Lower District Court of Nuremberg
Commercial register No.: HRB 7786 Nuremberg, VAT identification No.: DE 133557619This e-mail message including any attachments is for the sole use of the intended recipient(s) and may contain privileged or confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please immediately contact the sender by reply e-mail and delete the original message and destroy all copies thereof.
From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> On Behalf Of Oren Shpigel
Sent: Tuesday, December 8, 2020 3:15 PM
To: openssl-users@xxxxxxxxxxx
Subject: Use OpenSSL to decrypt TLS session from PCAP files
Hi,
I generated a PCAP file with TLS session, and I have the matching private key used by my HTTPS server.
The TLS session is not using DH for key exchange, so it should be possible to decrypt.
I know OpenSSL can be used to connect to a socket to "actively" handle the TLS session, but is there a way to "passively" decode and decrypt a session?
How can I "feed" the packets (both directions) into the OpenSSL library?Thanks!
Hi, thanks for the answer.
I know wireshark and ssldump have this capability, but I'm looking for a way to do it in my own software in C++, (using OpenSSL, if possible, but open to other suggestions as well).
On Tue, Dec 8, 2020 at 4:32 PM Dr. Matthias St. Pierre <Matthias.St.Pierre@xxxxxxxxx> wrote:
