export SSLKEYLOGFILE=/home/jsn/Downloads/sslkeys/sslkeys.log
search
Wednesday, September 14, 2016
Analyze http2 with Wireshark
Most of the time http2 requests are sent over TLS, which means that Wireshark needs to decrypt information before we can analyze it.
Fortunately, Chrome allows to dump cryptographic keys in the file. To do that, before you start Chrome, export environmental variable SSLKEYLOGFILE:
Firefox also allows to do it, but as for now (48) it is disabled by default. Get more information
Now we need to configure Wireshark to use exported keys. Go to Edit - Preferences - Protocols - SSL and point (Pre)-Master-Secret log filename to the file with keys (/home/jsn/Downloads/sslkeys/sslkeys.log)
Now you can filter records by http2 and analyze them.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment