Config advice / wireshark
Robert Paprocki
rpaprocki at fearnothingproductions.net
Fri Apr 21 15:21:26 UTC 2017
Unless wireshark has access to the private key (and PFC isn't enabled), you're best bet would be to log the data from nginx directly, rather than trying to examine the raw bytes on the wire.
> On Apr 21, 2017, at 08:10, Joel Parker <joel.parker.gm at gmail.com> wrote:
>
> I currently have a config that allows me to terminate TLSv1.2 and decrypt it. Then it re-encrypts the packets with a different cert before sending to the upstream servers. I want to "look" at the decrypted packets before they are encrypted but I am not sure the best way to accomplish this.
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list