Decrypt TLSv2

Question

Is there any option to decrypt TLSV2 traffic, using ssl dump or using key?&nbsp;

anthony_graber · Answer

Do you mean TLS1.2? What are you trying to do?&nbsp;
https://support.f5.com/csp/article/K10209&nbsp;

jaikumar_f5 · Answer

Yes you can decrypt the data by specifying the path,
Use SSLDUMP command,
ssldump -Aed -nr /var/tmp/yourpacketcapture.cap -k /config/filestore/files_d/Common_d/certificate_key_d/:Common:www.site.com.key_1

dragonflymr · Answer

Hi,&nbsp;
Possibility to decrypt traffic depends on ciphers used. If RSA key exchange is used it should be possible to decrypt, if DH is used or any other Forward Secrecy or Perfect Forward Secrecy cipher suites then it is not possible.&nbsp;
It is not possible as well to decrypt resumed session. Capture must contain full SSL Handshake.&nbsp;
Piotr&nbsp;

Forum Discussion

Decrypt TLSv2

3 Replies

Recent Discussions

Stable Firmware for F5

BigIP Next - Health Monitors / Template

LDAPS and renegotiation

Need advise to setup a policy on F5

Web acceleration

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

F5 Distributed Cloud - Regional Decryption with Virtual Sites

Decrypting TLS traffic on BIG-IP