Reputation: 13775
What is the equivalence of SSLKEYLOGFILE in a Java program?
Where is SSLKEYLOGFILE defined?
As discussed above, SSLKEYLOGFILE can be used with some program to capture the key log.
But Java programs using TLS do not respect this environment variable. What is the correct way to let such a Java program dump the key log? (I think Java program most likely uses the following package for TLS. But I am not completely sure.)
Upvotes: 7
Views: 3819
Answers (2)
Reputation: 3045
As suggested by this wireshark topic, there exists a Java agent that can provide the same functionality: https://github.com/neykov/extract-tls-secrets.
I tested it by providing the agent in the command line and it works for my use-case (TLS v1.3)
Upvotes: 7
Reputation: 27613
All versions of Apache HttpClient use the standard JSSE framework for their TLS transport security. Please refer to the JSSE documentation for details on SSL/TLS debug logging (per @VGR original suggestion)
https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/ReadDebug.html
Upvotes: 1
Related Questions
- What fields be expected in sslkeylog file?
- Understanding SSL in Apache HttpClient (Java)
- Where SSLSocketFactory and HttpsURLConnection work diffrerently?
- HTTPURL connection in java 6/7
- SSL-Config or SSLContext to be used ? in Akka Http SSL Java
- How to use SSL in Java correctly?
- Java equivalent to .NET SSLStream
- Connecting via SSL with Java: The basics
- How can I log the SSL layer with the Apache HTTP server classes
- On Java SSL jvmArgs