Re: logging input and output HTTP message payload

[Frederik Nosi]

Some more info,

On 06/18/2015 06:00 PM, Frederik Nosi wrote:
Hi Christopher,
On 06/18/2015 05:55 PM, Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Frederik,

On 6/17/15 8:10 AM, Frederik Nosi wrote:
It helps only with HTTP though, no HTTPS or at least not easily.
All you need is the server's TLS key and Wireshark will look directly
at the HTTP conversation. This is a skill worth developing, especially
since it takes such little effort.

Been there done that, with mildly recent versions of openssl / https 
(PFS) you cant do that:

https://ask.wireshark.org/questions/34393/how-to-decrypt-ssl-traffic-using-wireshark 


Till some years ago I used tihs technique for troubleshooting. But after 
a webserver upgrade or such, i found that this was no more possible (i'm 
noit going into details now). So the quick and dirty way i had to use 
was with apache mod_bumpio, or strace -fe trace=network -s 1024 -p 
`pidof tomcat`, you got the idea.
With another product i had to put a HTTP/HTTPS proxy in the middle.

That's why i said it's not so quick :-)






- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJVguoGAAoJEBzwKT+lPKRYp/IP/jlJ8sLXsf0hxL/NE/dZmE/h
rq4kFb3/9itszwJnL7vnaQHetml+JZNAk7fsCvk8wGx4JIX/aYVpmmyJ+A1KsQ+Q
1nZeJ2uSef6iTEtYsypMxUasabguc8LI7KG0QMRyBYSLICcbp/36SLgJmUVLCuvw
ErClKJIlFDetd7r0dUuBIvlixThQ0emSOPRAgutNauiUCb2m6CCFAnFWmmW7Z01/
yLV+AUGHp3b77Yq3jJlKGtlmNmTuJ/tdnY0N7VwYlnA644DkUpetykFZZ/pdLa5p
wYRHXz5qv/tmVT383SAeK3FgSVYIp9EnxVHs44ImZ42XwCnkoHLK9TdzjkS6Cxrs
WHQJcP6vfSWQ7WIGLNpJzUclEkCaJRCLktGcA8SE4aNIg0JvVe2Y25RVWOdYX//E
RHiZxrDJxctoK6zmTuCOpd7DFx1cxSp2s1xXfghl80lFouMryoqwL7vui8/V/8u/
PsxT6/kupsTFTGoTv1RvJdk0rPVhrQnpHneOpQcKyoH/1lJoTswO8j7T6suLACqL
/K1HCVO8E+tu49Mn5bsr9rUb0uUo/qtYUu/cPp4Pv6CkNxLxYw48T1t82HSGkQHr
g7qCt1aWltsfc6O6yx07Zfdair8Hvy/QmOifcnpWlHn01wF6phSjrXhN3t5M7pnt
ScsjQVvlQoi7ATLm+4/a
=f8p5
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org