Forum Discussion
Decrypt ssl server
Hi everyone
Is it possible to decrypt ssl server profile?
I want to view data send from server to f5
Yes, it is possible. If you're on version 15 or higher, you can follow the instructions in the below F5 article:
https://my.f5.com/manage/s/article/K31793632Because you stated that you want to decrypt the traffic on the server-side (i.e. between the BIG-IP and the back-end pool member), you will need to use the "p" flag in your tcpdump command (this is mentioned in the same article).
An example of the command that I personally most often use is:
tcpdump -i <VLAN>:p -nn -s0 --f5 ssl "host <CLIENT IP> and port 443" -w /var/tmp/"$HOSTNAME"_"$(date +%d-%m-%y)".pcap
Yes, it is possible. If you're on version 15 or higher, you can follow the instructions in the below F5 article:
https://my.f5.com/manage/s/article/K31793632Because you stated that you want to decrypt the traffic on the server-side (i.e. between the BIG-IP and the back-end pool member), you will need to use the "p" flag in your tcpdump command (this is mentioned in the same article).
An example of the command that I personally most often use is:
tcpdump -i <VLAN>:p -nn -s0 --f5 ssl "host <CLIENT IP> and port 443" -w /var/tmp/"$HOSTNAME"_"$(date +%d-%m-%y)".pcap
You can use my script: https://github.com/JuergenMang/f5-tls-decrypt
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com