For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

mikegray_198028

Icon for Cirrus rank

Cirrus

May 26, 2017

Decrypt TLSv2

Is there any option to decrypt TLSV2 traffic, using ssl dump or using key?

application delivery

3 Replies

Anthony_Graber
Employee
May 31, 2017
Do you mean TLS1.2? What are you trying to do?

https://support.f5.com/csp/article/K10209

Icon for Noctilucent rank

Noctilucent

Yes you can decrypt the data by specifying the path, Use SSLDUMP command,

ssldump -Aed -nr /var/tmp/yourpacketcapture.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.site.com.key_1

dragonflymr
Cirrostratus
May 31, 2017
Hi,

Possibility to decrypt traffic depends on ciphers used. If RSA key exchange is used it should be possible to decrypt, if DH is used or any other Forward Secrecy or Perfect Forward Secrecy cipher suites then it is not possible.

It is not possible as well to decrypt resumed session. Capture must contain full SSL Handshake.

Piotr

Security Best Practices for F5 Products

Technical Articles

F5 AppWorld 2026 Registration - early bird pricing.

DevCentral News

Kostas Injeyan - October 2025 Featured Member

DevCentral News

featured member

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5