The second step is to just enable logging for your client which can be curl utility or browser. Here tlskey.log is just an empty file created by myself Therefore we need to log this key which is allowed for debugging purposes: Steps:
I think I figure out the answer on my own:įirst, as point out, the key is generated by the client and then is safely encrypted using public key and sent to the server. So I follow the example with ssl on the website but the key is not showing up lol However when capturing the packet using wireshark, it is encrypted but I really don't know how to use the cert to decrypt it. Keytool -genkey -alias undertow -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -dname "CN=localhost, OU=localhost, O=localhost, L=Zhengzhou, ST=Henan, C=CN" I am doing this is because I have used keytool to generate the key/cert and run a small http2 server with this cert/key: Is there another way to view the comments? Can anyone try the linked file:įile: http2-16-ssl.pcapng (HTTP2 with ALPN h2-16 extension) (5.1 KB, from, SSL keys in capture file comments) On the wireshark website, it says the SSL keys are in the comment but I just didn't see it. To follow decryption example from wireshark:I download the capture file but didn't see the key in the comments of that capture file:
0 kommentar(er)
