Decrypting TLS/SSL traffic with Wireshark

Peter Kacherginsky
2 min read · Apr 12, 2009

Wireshark is capable of decrypting TLS/SSL traffic when certain conditions are met:

  • Wireshark was compiled with SSL decryption support (--with-gnutls)
  • RSA is used for key exchange
  • You have the server’s private key in PEM format (convert if necessary)
  • You can capture the initial TLS/SSL Handshake

Configuring

Wireshark needs to be configured for SSL decryption by defining a specially formatted string that contains the server’s IP…
