The main point is to save the SSL/TLS keys those used by the web browser (SSLKEYLOGFILE=/tmp/tmp-google/.ssl-key.log).
In the example below we run brand new instance of Google Chrome (--user-data-dir=/tmp/tmp-google do the trick):
SSLKEYLOGFILE=/tmp/tmp-google/.ssl-key.log /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --user-data-dir=/tmp/tmp-google
Then run the Wireshark and open the Preferences -> Protocols -> SSL, where we put the path to the SSL keys log file into the (Pre)-Master-Secret log filename field.
Now all SSL/TLS traffic from this browser instance will be decrypted.
-
-
Save bxb100/5f584088e95a931636a91cef9c2b6d50 to your computer and use it in GitHub Desktop.
How to decrypt SSL/TLS traffic in Wireshark on MacOS
Author
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
(Pre)-Master-Secret log filename,使用文件系统没法选中;Command+Shift+Dot显示所有隐藏文件chrome.command中可以直接打开1Footnotes
https://apple.stackexchange.com/questions/198628/is-it-possible-to-open-2-different-instances-of-chrome-with-different-tabs-open ↩