ssldump modifications
This is a modified version of ssldump, adding an ssl session cache. The ssl session cache allows sending pcap traces to others for analysis without having to send them the private key(s) of the certificates used.
Howto
mkdir capture.cache ./ssldump -r capture.pcap -s capture.cache -k certificate_key.pem -d and repeat with the key of each relevant certificate used in the capture ./ssldump -r capture.pcap -s capture.cache -k certificate2_key.pem -d
Thiswill collect the needed temporary SSL session keys is in the capture.cache directory, and is sufficient to later analyze the traffic without access to the actual private keys.
./ssldump -r capture.pcap -s capture.cache -d
Download
- ssldump-CVS-hno-20100605.tar.gz (patch)
- Current CVS version of ssldump as of 20100605
- ssldump-0.9b3-hno.tar.gz (patch)
- Last ssldump-0.9b3 release