This is a pretty cool patch! Martin sent me some instructions on how to get this working with wireshark, which I have reproduced for reference at the end. This worked for me using Wireshark 1.10.6
With regards to the patch itself, it is the idiom of many of the OpenSSL command line apps to take a "-outform" argument. I think it would be more in keeping with the intention of that argument if the patch were modified to use "-outform NSS" instead of "-keylog". Could you make the appropriate amendments and resubmit? Many thanks Matt openssl s_server -cert serverCert.pem -key serverKey.pem -accept 443 -no_ticket start the logging in wireshark openssl s_client -connect localhost:443 -sess_out key-openssl.log -cipher AES128-SHA -tls1 wait for the connect type something stop the capture in wireshark stop the s_client openssl sess_id -in key-openssl.log -keylog -noout -out key.log In wireshark: Edit / Preferences / Protocols / SSL clear the (Pre)-Master-Secret log filename Apply set the (Pre)-Master-Secret log filename to key.log Apply -> Application Data should get decrypted ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org