Tab not found in Wireshark

Question

While reading an article about TLS decryption, I found this image

where a tab named "Decrypted SSL Data" in wireshark exists. But, in my Wireshark(version 2.2.5), I cannot find this tab. How can I find this tab or something that may show me the decrypted ssl data?

Answer 1

Since Wireshark version 1.6 you can also use so called (Pre)-Master-Secret file that can be generated by Chrome or Firefox.

There are some details on Wireshark wiki what needs to be done. Using the (Pre)-Master-Secret

Please note this will not work Diffie-Hellman cipher, and this must be disabled in your browser. There some instructions how to do it here: Walkthrough: Decrypt SSL/TLS traffic (HTTPS and HTTP/2) in Wireshark

There are many more resources on the net about the subject. Please try those links below:

• Decrypting TLS Browser Traffic With Wireshark – The Easy Way!
• Decrypt HTTPS traffic with Wireshark and Fiddler
• Using Wireshark to Decode SSL/TLS Packets

If (Pre)-Master-Secret file approach does not work for you please try Fiddler which use a proxy approach and you should be able to decrypt SSL traffic with dedicated certificate that needs to be installed on your device. You can find quick guide here: Configure Fiddler to Decrypt HTTPS Traffic

Answer 2

You have to first supply the RSA encryption key to Wireshark so it can decrypt the SSL traffic for you. You can refer to the Wireshark SSL wiki page for how to do that.