23 May
2014
23 May
'14
9:42 a.m.
On May 22, 2014, at 6:46 PM, James Cloos cloos+openser-users@jhcloos.com wrote:
If you record the full packet trace, wireshark can use your privkey.pem to decode the tls handshake, recover the session key, and use that to decode the payload packets.
Cf http://wiki.wireshark.org/SSL for details.
This is true if you are not using an ephemeral Diffie Hellman cypher suite.
HTH --FC