Page tree
Skip to end of metadata
Go to start of metadata

As the communication between TextGridLab and Server is encrypted with TLS using ECDHE (or DHE as fallback) for Key-Exchange, its not directly sniffable with Wireshark. To observe the HTTP traffic one needs to get hold of the SSL session keys. This is possible by adding java libraries like jSSLKeyLog or extract-ssl-secrets to the TextGridLab startup. This will drop the SSL session keys to a place where Wireshark could use them for TLS decryption. Here is how its done, with extract-ssl-secrets.jar as an example, jSSLKeyLogin.jar usage is analogous:

  1. Download
  2. Edit the textgridlab.ini, add a line

  3. In Wireshark: go to Edit→Preferences, from Protocols choose SSL
  4. In the field "(Pre)-Master-Secret log filename" enter the session-log location from 2. : /tmp/ssl-session.log
  5. start a capture to, the following capture filter should do: "tcp port https and host"
  6. start the TextGridLab and observe the traffic

  • No labels