SSL/TLS – Decrypt the encrypted network traces

Ask: As we know SSL/TLS is encrypted traffic using symmetric keys created during SSL/TLS handshake. Many a time we might need to decrypt this traffic to observe the request/response packets or client certificates being sent. Tools Needed to decrypt the traffic: 1. Network monitor 3.4 – https://www.microsoft.com/en-in/download/details.aspx?id=4865 2. NMDecrypt 2.3.4 – https://nmdecrypt.codeplex.com/ 3. Server Certificate…

0

SSL/TLS – Introduction To CAPI2 Traces

Introduction:CAPI2 traces are part of windows OS and can be enabled from event viewer section. Very useful when we deal with SSL/TLS connectivity or client certificate validation issues. To enable: 1. Open Event Viewer 2. Navigate to Applications and Services Logs -> Microsoft -> Windows -> CAPI2 3. Now, remember that this utility captures all…

0