Use OpenSSL to decrypt TLS session from PCAP files

Oren Shpigel orens at nonamesecurity.com
Tue Dec 8 14:15:29 UTC 2020


Hi,
I generated a PCAP file with TLS session, and I have the matching private
key used by my HTTPS server.
The TLS session is not using DH for key exchange, so it should be possible
to decrypt.
I know OpenSSL can be used to connect to a socket to "actively" handle the
TLS session, but is there a way to "passively" decode and decrypt a session?
How can I "feed" the packets (both directions) into the OpenSSL library?

Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20201208/09a51f73/attachment.html>


More information about the openssl-users mailing list