I had blogged Collecting a wire-shark trace with TLS active for a browser <https://colinpaice.blog/2023/07/22/collecting-a-wire-shark-trace-with-tls-active/> where you could specify an environment variable *export SSLKEYLOGFILE=$HOME/sslkeylog.log*. OpenSSL would write the key to this file, and Wireshark could decrypt the traffic using this data.
Unfortunately this only worked with RSA keys. I could not get it to work with modern Elliptic Curve keys. I've updated my zWireshark <https://github.com/colinpaicemq/zWireshark> program to capture AT-TLS application data in clear text from the z/OS side. It uses an IBM provided API, and captures the traffic between AT-TLS and the application. I would welcome any problems ,comments, or suggestions Colin ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
