Forum Discussion
SSL::sessionid returns the current connection's SSL session ID if it exists in the session cache.
A Cache Size setting of 0 disables SSL session caching for the profile, which means the Session ID will not be cached and the command will return a null string.
I assume you're following the process outlined here:
K16700: Decrypting SSL traffic using the SSL::sessionsecret iRules command
Yes, you'll need to use the CLIENT_RANDOM option with the random byte string as the identifier and sessionsecret string for the master key string.
If there are multiple connections in the packet capture then you will need to look at all the client source ports used so that the Master Secret log file contains multiple lines, each with the random byte string with the matched key string. As noted in the steps, the syntax is important.
If you're still having issues with the decryption then enabling SSL debugging in Wireshark and looking at the output this produces should indicate what's going wrong.