[jira] [Comment Edited] (SERF-176) Support session key logging for SSL decrypting with Wireshark (SSLKEYLOGFILE)

Sun, 07 Apr 2019 04:40:55 -0700 


    [ 
https://issues.apache.org/jira/browse/SERF-176?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16811850#comment-16811850
 ] 

Michael Schierl edited comment on SERF-176 at 4/7/19 11:38 AM:
---------------------------------------------------------------

*EDIT: Ooops, this issue is about SERV and not about HTTPD. So feel free to 
ignore my comment...*

 

A Quick&Dirty patch (that works well enough for me) is here:

[https://gist.github.com/schierlm/fef3d79818f5561cd87991c89b81122f]

Note that it has only been tested on Linux, and only on a test server with very 
light load, and as I am not really familiar with the Apache codebase 
(especially wrt thread safety) I would not call this patch "production ready", 
and the error handling (in case of malformed .conf file) could surely be better.

 

But it is certainly a start (that some more experienced developer could review 
or improve), and for some test servers it might be sufficient.


was (Author: schierlm):
A Quick&Dirty patch (that works well enough for me) is here:

[https://gist.github.com/schierlm/fef3d79818f5561cd87991c89b81122f]

Note that it has only been tested on Linux, and only on a test server with very 
light load, and as I am not really familiar with the Apache codebase 
(especially wrt thread safety) I would not call this patch "production ready", 
and the error handling (in case of malformed .conf file) could surely be better.

 

But it is certainly a start (that some more experienced developer could review 
or improve), and for some test servers it might be sufficient.

> Support session key logging for SSL decrypting with Wireshark (SSLKEYLOGFILE)
> -----------------------------------------------------------------------------
>
>                 Key: SERF-176
>                 URL: https://issues.apache.org/jira/browse/SERF-176
>             Project: serf
>          Issue Type: Improvement
>            Reporter: Guido Wischrop
>            Priority: Major
>
> For error analysis and debugging it would be extremely useful to decrypt 
> HTTPS traffic with Wireshark. Firefox and Google Chrome are supporting this 
> through the environment setting SSLKEYLOGFILE ([see 
> more|https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/]).
>  Can this be implemented for serf too?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to