What is the syntax of ssldump to collect a clear text SSL trace?

ssldump -And -k /path/server_private_key.pem -p password -i em0 > filename

 -A
 Print all record fields (by default ssldump chooses the most interesting fields).

 -d
 Display the application data traffic. This usually means decrypting it, but when -d is used ssldump will also decode application data traffic _before_ the SSL session initiates. This allows you to see HTTPS CONNECT behavior as well as SMTP STARTTLS. As a side effect, since ssldump can't tell whether plaintext is traffic before the initiation of an SSL connection or just a regular TCP connection, this allows you to use ssldump to sniff any TCP connection. ssldump will automatically detect ASCII data and display it directly to the screen. Non-ASCII data is displayed as hex dumps. See also -X.

 -k keyfile
 Use keyfile as the location of the SSL keyfile (OpenSSL format). Previous versions of ssldump automatically looked in ./server.pem. Now you must specify your keyfile every time.

 -n
 Don't try to resolve host names from IP addresses.

 -p password
 Use password as the SSL keyfile password.

 -i interface
 The network interface to capture on (em0 in the command above).
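
A pre-flight check for the key file given to -k, as an added example that is not part of the original page: it reports whether the key is passphrase-protected (so -p is needed) and refuses a key that group or other can access. The function names are hypothetical; the key is assumed to be a PEM file in OpenSSL format.

```shell
#!/bin/sh
# Added example (not from the original page): check the key file before
# running the ssldump command shown above. Function names are hypothetical.

# Exit 0 if FILE is a passphrase-protected PEM key (-p is needed).
# PKCS#8 uses an "ENCRYPTED PRIVATE KEY" label; traditional OpenSSL PEM keys
# carry a "Proc-Type: 4,ENCRYPTED" header under the BEGIN line.
key_needs_password() {
    grep -Eq -e '^-----BEGIN ENCRYPTED PRIVATE KEY-----' \
             -e '^Proc-Type: 4,ENCRYPTED' "$1"
}

# Exit 0 if group and other have no permission bits on FILE
# (columns 5-10 of the ls mode string).
key_perms_ok() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print "ok-plain" or "ok-encrypted" if KEYFILE is usable with -k,
# otherwise print the reason and return non-zero.
check_keyfile() {
    if [ ! -r "$1" ]; then echo "unreadable"; return 1; fi
    if ! grep -q -e '^-----BEGIN .*PRIVATE KEY-----' "$1"; then
        echo "not-pem-private-key"; return 1
    fi
    if ! key_perms_ok "$1"; then echo "loose-permissions"; return 1; fi
    if key_needs_password "$1"; then echo "ok-encrypted"; else echo "ok-plain"; fi
}

# capture_cleartext KEYFILE IFACE OUTFILE
# The body runs in a subshell so the umask change does not leak to the caller.
capture_cleartext() (
    state=$(check_keyfile "$1") || { echo "key check failed: $state" >&2; exit 1; }
    umask 077    # OUTFILE will hold decrypted application data
    if [ "$state" = "ok-encrypted" ]; then
        # -p places the passphrase in argv, visible in process listings
        # for as long as ssldump runs.
        printf 'Key passphrase: ' >&2
        stty -echo; read -r pass; stty echo; echo >&2
        ssldump -And -k "$1" -p "$pass" -i "$2" > "$3"
    else
        ssldump -And -k "$1" -i "$2" > "$3"
    fi
)
```

If the trace shows handshake records but no decrypted application data, check the negotiated cipher suite: the server's private key only lets a passive tool recover sessions that used RSA key exchange, not DHE or ECDHE.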