
Extracting TLS session keys from lighttpd

Is it possible to extract the TLS session keys from Lighttpd so we are able to decrypt traffic captured by tcpdump?

Alternatively, we could disable PFS but we prefer not to do that.

You can find the private key in the file referenced by the ssl.pemfile entry in /etc/lighttpd/lighttpd.conf.

The key is at the beginning before the certificate.

The decryption question was already answered here:

how-to-decrypt-ssl-traffic-with-a-packet-sniffer-when-i-have-the-private-key

Ssldump is supposed to be able to do that, but it appears to be unmaintained (in the source archive of the latest version, the last-modification dates of all files are in 2002 or before), so it is quite possible that it won't support newer SSL/TLS; actually, it is highly implausible that software from 2002 could process the new encryption formats defined in TLS 1.2 (AES/GCM). TLS 1.1 was published in 2006, and TLS 1.2 in 2008.

OpenSSL is a library that implements the protocol, but is not meant for analysing a recorded session.

You may have a better chance with Wireshark, which has ample documentation on how to use it to decrypt recorded sessions.

There is an important parameter to mind: decryption of a passively recorded session (with a copy of the server private key) works only if the key exchange was of type RSA or static DH; with "DHE" and "ECDHE" cipher suites, you won't be able to decrypt such a session, even with knowledge of the server private key. In that case, you will need either the negotiated "master secret", or to use the server private key to actively intercept the connection (in a Man-in-the-Middle setup).

    • Thank you for your response. This technique only works when Perfect Forward Secrecy is disabled. (With PFS, the private key is not enough to decrypt a TLS connection.) Because I would like to do this on a live server, I don't want to disable PFS.
    • If you don't want to disable PFS for any or some connections, I guess the only way will be to set up a reverse proxy like nginx for TLS termination in front of your web server (same host). Then it is very easy to capture traffic between the proxy and the web server. Think about a Man-in-the-Middle setup.
    • Another technique: Firefox and Chrome dump the session keys when the environment variable SSLKEYLOGFILE is set. I was hoping for something similar in lighttpd.
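
The key-exchange limitation described in the answer above, as an added example that is not part of the original thread or of lighttpd: this Python sketch reads the selected cipher suite out of a captured ServerHello record and reports whether the server private key alone would allow passive decryption. The function names are hypothetical, the suite table is a small subset of the IANA registry, and the sample record is constructed.

```python
import struct

# Subset of the IANA cipher suite registry: id -> (name, key exchange).
SUITES = {
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", "RSA"),
    0x009C: ("TLS_RSA_WITH_AES_128_GCM_SHA256", "RSA"),
    0x0031: ("TLS_DH_RSA_WITH_AES_128_CBC_SHA", "DH"),        # static DH
    0x009E: ("TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", "DHE"),
    0xC02F: ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "ECDHE"),
    0x1301: ("TLS_AES_128_GCM_SHA256", "TLS1.3"),             # always ephemeral
}
PASSIVE_OK = {"RSA", "DH"}  # key exchanges where the server private key suffices

def server_hello_suite(record: bytes) -> int:
    """Return the cipher suite id chosen in a TLS ServerHello record.
    Assumes the ServerHello is unfragmented and first in the record."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, _version, rec_len = struct.unpack("!BHH", record[:5])
    if ctype != 0x16:
        raise ValueError("not a handshake record")
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x02:
        raise ValueError("not a ServerHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    # body layout: version(2) random(32) sid_len(1) sid cipher_suite(2) ...
    if len(body) < 35 or len(body) < 35 + body[34] + 2:
        raise ValueError("truncated ServerHello")
    off = 35 + body[34]
    return int.from_bytes(body[off:off + 2], "big")

def classify(record: bytes):
    """Return (suite name, key exchange, passively decryptable with server key).
    The last element is None when the suite is not in the table."""
    suite = server_hello_suite(record)
    if suite not in SUITES:
        return (f"0x{suite:04X}", "unknown", None)
    name, kx = SUITES[suite]
    return (name, kx, kx in PASSIVE_OK)

def build_server_hello(suite: int) -> bytes:
    """Constructed sample: minimal TLS 1.2 ServerHello, empty session id."""
    body = b"\x03\x03" + bytes(32) + b"\x00" + suite.to_bytes(2, "big") + b"\x00"
    hs = b"\x02" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + len(hs).to_bytes(2, "big") + hs

if __name__ == "__main__":
    for s in (0x009C, 0xC02F):
        print(classify(build_server_hello(s)))
```

When the result is False, decrypting the capture requires the negotiated master secret for that session, as the answer states.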
