Reputation: 28540
Intercept TLS/HTTP/2 from browsers
I'm able to intercept traffic to and from Chrome by exporting the SSL key log and referencing it in Wireshark.
I want to compare Chrome's behavior with the behavior of the other major browsers though. How can I get the keys from those browsers in a format that Wireshark will understand?
Specifically
- Edge
- IE11
- Opera
- Safari
Upvotes: 0
Views: 339
Answers (1)
Reputation: 46040
I do not believe those browsers allow you to export the SSL key like Chrome and Firefox do, with perhaps the exception of Opera (as it’s a Chromium based browser). It should also be noted that Edge is in the process of transitioning to Chromium so it presumably will soon have this facility too.
Depending why you want to do this, an alternative to intercepting the traffic, is to set up a webserver and log the responses. Nghttpd for example allows you to see each of the frames received (and sent). I used this to investigate the different prioritisation schemes used by the browsers as discussed in my book (sign up for a free account to read this section for free for a few mins each day). Basically I created a dummy page with a few resource types and fired up an nghttpd server in the directory with that page in verbose mode and grepped for the frame info I was looking for:
nghttpd -v 443 server.key server.crt | grep -E "PRIORITY|path|weight"
and then requested http://localhost from each browser I was interested in and saw the frame details each browser sent.
Upvotes: 1
Related Questions
- Use Wireshark for debugging HTTP/HTTPS
- View plain response (from HTTPS) in WireShark
- How to capture https traffic?
- How do I sniff website url in a https packet request in wireshark?
- HTTP 2.0 Over the Wire (Raw)
- Fiddler2: Decrypt HTTPS traffic and Tunnel to host:443
- HTTPS->HTTP via Fiddler
- How to view (sniff) http traffic?
- HTTPS intercept
- Read the information my computer is sending on an ssl connection