Hi, thanks for the answer. I know Wireshark and ssldump have this capability, but I'm looking for a way to do it in my own software in C++ (using OpenSSL, if possible, but open to other suggestions as well).

On Tue, Dec 8, 2020 at 4:32 PM Dr. Matthias St. Pierre <matthias.st.pie...@ncp-e.com> wrote:

> Do you need to integrate the decryption into your own software, or are you just looking for a possibility to monitor and view the traffic?
>
> If it’s the latter, try and take a look at the SSL decryption support that Wireshark provides.
>
> https://wiki.wireshark.org/TLS
> https://www.comparitech.com/net-admin/decrypt-ssl-with-wireshark/
>
> hth,
> Matthias
>
> Disclaimer: I haven’t used it for TLS myself, only for IPsec, and I can’t tell how up-to-date it is, in particular whether it is TLS 1.3 ready.
>
> From: openssl-users <openssl-users-boun...@openssl.org> On Behalf Of Oren Shpigel
> Sent: Tuesday, December 8, 2020 3:15 PM
> To: openssl-users@openssl.org
> Subject: Use OpenSSL to decrypt TLS session from PCAP files
>
> Hi,
>
> I generated a PCAP file with a TLS session, and I have the matching private key used by my HTTPS server.
> The TLS session is not using DH for key exchange, so it should be possible to decrypt.
> I know OpenSSL can be used to connect to a socket to "actively" handle the TLS session, but is there a way to "passively" decode and decrypt a session?
> How can I "feed" the packets (both directions) into the OpenSSL library?
>
> Thanks!