Decrypting TLS with the tcpdump sslprovider

I will share my script to decrypt TLS on the F5 v15+. You do not need to change any TLS oder cipher settings, have access to private keys or add special iRules. It should work out of the box with all TLS versions.

It uses the information that the tcpdump sslprovider from F5 writes into the dump.

The script itself and the usage is documented in the GitHub repository.

https://github.com/JuergenMang/f5-tls-decrypt

Feel free to propose enhancements to the documentation or script itself.

Published Jul 20, 2022
Version 1.0