Decrypting TLS traffic on BIG-IP
1 Introduction As soon as I joined F5 Support, over 5 years ago, one of the first things I had to learn quickly was to decrypt TLS traffic because most of our customers useL7 applications protected ...
Published Apr 23, 2020
Version 1.0
Rodrigo_Albuque
Cirrocumulus
CirrocumulusRodrigo_AlbuqueCirrocumulus
Cirrocumulus
Rodrigo_AlbuqueCirrocumulus
Cirrocumuluskeylog is the file you're going to create with the value shown in the F5 TLS headers. You can copy what's after "[Keylog entry:" as is and paste it to a file, then go to Wireshark preferences -> Protocols -> TLS and add this file as pre-master key. It should decrypt your capture.