TLS Decryption
The Decrypt TLS Traffic profile setting allows users to decrypt TLS traffic within a capture file. TLS traffic can only be decrypted if the user has access to either the appropriate RSA key or a client keylog file.
Note that RSA keys must be imported and shared by admin users. See the section on RSA key management in the Admin Guide for more information on adding and managing keys.
Client Keylog File
The client keylog data can be pasted into CloudShark and used for TLS decryption. Additionally, the upload API method supports uploading a keylog file when a capture file is uploaded.
Web browsers like Firefox and Chrome are able to save keys used when visiting websites by generating a keylog. The openssl and curl command-line clients are also able to generate a keylog. All of these applications check for an environment variable SSLKEYLOGFILE set to the location of a text file. Once set, these applications will write the key data to the log file specified.
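As an added example (not CloudShark's own code), the following Python script checks a keylog file written via SSLKEYLOGFILE before it is pasted or uploaded. It assumes the NSS key log line format (label, client random, secret) and handles only the CLIENT_RANDOM and TLS 1.3 secret labels; the function name check_keylog and the sample lines are constructed for illustration.

```python
import re

# Labels from the NSS key log format handled here, mapped to the allowed
# secret lengths in hex characters (assumption: other labels are rejected).
LABELS = {
    "CLIENT_RANDOM": {96},                       # TLS <= 1.2: 48-byte master secret
    "CLIENT_EARLY_TRAFFIC_SECRET": {64, 96},     # TLS 1.3: hash-sized secrets
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET": {64, 96},
    "SERVER_HANDSHAKE_TRAFFIC_SECRET": {64, 96},
    "CLIENT_TRAFFIC_SECRET_0": {64, 96},
    "SERVER_TRAFFIC_SECRET_0": {64, 96},
    "EARLY_EXPORTER_SECRET": {64, 96},
    "EXPORTER_SECRET": {64, 96},
}
HEX = re.compile(r"^[0-9a-fA-F]+$")

def check_keylog(text):
    """Return (sessions, errors): client randoms that have usable secrets
    and a list of (line_number, problem) for malformed lines."""
    sessions, errors = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments are legal
        parts = line.split()
        if len(parts) != 3:
            errors.append((n, "expected 3 fields"))
            continue
        label, rand, secret = parts
        if label not in LABELS:
            errors.append((n, f"unknown label {label}"))
        elif len(rand) != 64 or not HEX.match(rand):
            errors.append((n, "client random is not 32 hex-encoded bytes"))
        elif len(secret) not in LABELS[label] or not HEX.match(secret):
            errors.append((n, "secret has wrong length or is not hex"))
        else:
            sessions.setdefault(rand.lower(), set()).add(label)
    return sessions, errors

# Constructed sample input (not real key material).
SAMPLE = "\n".join([
    "# SSL/TLS secrets log file, constructed sample",
    "CLIENT_RANDOM " + "ab" * 32 + " " + "cd" * 48,
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET " + "11" * 32 + " " + "22" * 32,
    "SERVER_HANDSHAKE_TRAFFIC_SECRET " + "11" * 32 + " " + "22" * 16,  # truncated
    "CLIENT_RANDOM " + "zz" * 32 + " " + "cd" * 48,                    # not hex
])

if __name__ == "__main__":
    sessions, errors = check_keylog(SAMPLE)
    print(len(sessions), "sessions with secrets;", "errors:", errors)
```

A keylog file holds the session secrets for every connection it recorded, so treat it with the same care as the decrypted traffic itself.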
RSA Server Keys
An RSA key can be dragged from the box of Available Keys to the Active RSA Keys box. Multiple unique decryption rules can be defined for each capture. Once a valid decryption rule has been configured and applied, the TLS traffic for that rule will be automatically decrypted and visible in the decode window.
Following TLS streams
Once a TLS session has been decrypted, CloudShark enables you to view the decrypted stream data in the protocol stream tab of the packet bytes pane. These tabs will be available for captures that have TLS decryption rules applied.
Potential Problems
Sometimes TLS decryption may not work as expected. Here are some reasons why TLS traffic may not be decrypted.
Diffie-Hellman
You cannot use decryption if a Diffie-Hellman based cipher is in use. Look at the TLS exchange and look for the Server Hello message. This will normally report the chosen cipher. If it contains DH, then Diffie-Hellman is in use and the decryption using the TLS server key will not work. For example, view the following capture using the filter expression tls.handshake.type == 2.
One potential workaround is to reconfigure your server to exclude Diffie-Hellman based ciphers.
TLS Session Reuse
You cannot use decryption if your TLS session was reused and the full TLS handshake is not in your capture. If you are having trouble with TLS decryption and suspect TLS session reuse, try using the following filter expression:
!tls.handshake.session_ticket || tls.handshake.session_id_length == 0
If any packets match this filter expression, it is likely that TLS session reuse was used during this capture and the full handshake may not have been captured.
Here are a couple of example captures to show the difference between the full TLS handshake and one where a TLS session was reused.
Here is also an article which describes TLS session reuse and includes a diagram to explain the handshake in both cases.
Possible workarounds to avoid TLS session reuse include configuring your server to disable TLS session reuse or clearing any TLS caches created by the client before capturing TLS traffic.