Dumping key to file
Harish Kulkarni
harishvk27 at gmail.com
Thu Mar 11 05:34:55 UTC 2021
Thank you all.. i will try and write back.
-thanks
harish
On Wed, Mar 10, 2021 at 7:59 PM Matt Caswell <matt at openssl.org> wrote:
>
>
> On 10/03/2021 13:35, Jeremy Harris wrote:
> > On 10/03/2021 13:14, Harish Kulkarni wrote:
> >> My application is built along with openssl library source code. We
> >> want to
> >> dump keys to a file for decrypting TLS flows from network captures.. is
> >> there any flag or environment variable which we can set during building
> >> application or while running application.
> >
> > Env var SSLKEYLOGFILE
>
> That is not an OpenSSL environment variable (I think that's an NSS thing).
>
> In order to log keys you need to set the key logging callback via
> SSL_CTX_set_keylog_callback.
>
> The callback needs to look like this:
>
> typedef void (*SSL_CTX_keylog_cb_func)(const SSL *ssl, const char *line);
>
> It should write the data provided in "line" to wherever you want to
> store the key data.
>
> See:
> https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_keylog_callback.html
>
> If you are using the OpenSSL command line then you can use the
> "-keylogfile" option to s_client or s_server to specify the filename for
> where you want keys logged.
>
> Matt
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210311/7d899727/attachment.html>
More information about the openssl-users
mailing list