Physics Hacker

Debugging the SSL handshake can be lots of pain, especially if the SSL commands are done by components not under your control. Fortunately there is a tool called ssldump which lets you monitor the complete SSL handshake. The following command prints out detailed information about the SSL handshake (on interface eth0):

ssldump -a -A -H -i eth0

If you want to sneak at the encrypted traffic you need to tell ssldump where to find the hostkey (e.g. hostkey.pem or similar) of the machine

ssldump -N -d -k $PATH_TO_HOSTKEY/hostkey.pem -A -H -i eth0

Replace $PATH_TO_HOSTKEY and hostkey.pem accordingly.

More information can be found here or in the manpage of ssldump.

Tags: admin, debugging, ssl

This entry was posted on Monday, March 22nd, 2010 at 12:22 and is filed under admin, random rants. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.