23 May
2014
23 May
'14
4:42 p.m.
On May 22, 2014, at 6:46 PM, James Cloos <cloos+openser-users(a)jhcloos.com> wrote:
If you record the full packet trace, wireshark can use your privkey.pem
to decode the tls handshake, recover the session key, and use that to
decode the payload packets.
Cf http://wiki.wireshark.org/SSL for details.
This is true if you are not using an ephemeral Diffie Hellman cypher suite.
HTH
--FC