How to Decrypt SSL / TLS Traffic

Learn different ways to decrypt SSL / TLS and read cleartext HTTP.

For educational purposes only.

1. SSLKEYLOGFILE Environment Variable (Using TLS 1.3 Keys)

For development and localhost, it’s easy to log SSL / TLS keys and decrypt traffic through wireshark.

Set an environment variable called SSLKEYLOGFILE and your browser will automatically log keys to this file. You can import this log file into Wireshark and view decrypted HTTP traffic.

Source: https://support.f5.com/csp/article/K50557518
Video: How to DECRYPT HTTPS Traffic with Wireshark - YouTube

2. MITMProxy

Mitmproxy is an open source HTTPS proxy that comes with a web interface to easily view decrypted HTTP traffic. It will require you to add the mitmproxy CA certificate to your trusted cert store, and set your system’s proxy to the mitmproxy server address.

Source: https://mitmproxy.org/

Videos