Thank you all. I will try and write back.

-thanks
harish
On Wed, Mar 10, 2021 at 7:59 PM Matt Caswell <m...@openssl.org> wrote:

>
>
> On 10/03/2021 13:35, Jeremy Harris wrote:
> > On 10/03/2021 13:14, Harish Kulkarni wrote:
> >> My application is built along with openssl library source code. We
> >> want to
> >> dump keys to a file for decrypting TLS flows from network captures.. is
> >> there any flag or environment variable which we can set during building
> >> application or while running application.
> >
> > Env var SSLKEYLOGFILE
>
> That is not an OpenSSL environment variable (I think that's an NSS thing).
>
> In order to log keys you need to set the key logging callback via
> SSL_CTX_set_keylog_callback.
>
> The callback needs to look like this:
>
> typedef void (*SSL_CTX_keylog_cb_func)(const SSL *ssl, const char *line);
>
> It should write the data provided in "line" to wherever you want to
> store the key data.
>
> See:
> https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_keylog_callback.html
>
> If you are using the OpenSSL command line then you can use the
> "-keylogfile" option to s_client or s_server to specify the filename for
> where you want keys logged.
>
> Matt
>
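
One way to write the callback described in the quoted reply, as an added example that is not part of the original thread and not OpenSSL's own code: it appends each line to a file created with owner-only permissions. The names `keylog_open`, `keylog_cb` and `keylog-demo.txt` are assumptions, and `SSL` is forward-declared so the block builds without the OpenSSL headers.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* In the application this type comes from <openssl/ssl.h>; the identical
 * typedef is repeated here so the sketch compiles without OpenSSL headers. */
typedef struct ssl_st SSL;

static int keylog_fd = -1;

/* Open the key log for appending, created owner-only (0600): each line
 * lets its reader decrypt a captured session. Returns 0 on success. */
int keylog_open(const char *path)
{
    keylog_fd = open(path, O_WRONLY | O_APPEND | O_CREAT, S_IRUSR | S_IWUSR);
    return keylog_fd < 0 ? -1 : 0;
}

/* Has the SSL_CTX_keylog_cb_func signature. OpenSSL passes the line without
 * a trailing newline; line and '\n' go out in one write() on an O_APPEND
 * descriptor so lines from concurrent connections do not interleave. */
void keylog_cb(const SSL *ssl, const char *line)
{
    char buf[512];
    int n;

    (void)ssl;
    if (keylog_fd < 0 || line == NULL)
        return;
    n = snprintf(buf, sizeof buf, "%s\n", line);
    if (n > 0 && (size_t)n < sizeof buf) {
        ssize_t w = write(keylog_fd, buf, (size_t)n); /* best effort */
        (void)w;
    }
}

/* Registration, once per SSL_CTX:
 *     if (keylog_open(path) == 0)
 *         SSL_CTX_set_keylog_callback(ctx, keylog_cb);
 */

int main(void)
{
    if (keylog_open("keylog-demo.txt") != 0)
        return 1;
    keylog_cb(NULL, "CLIENT_RANDOM 00aa 11bb"); /* constructed sample line */
    return 0;
}
```

The resulting file is in the NSS key log format, so it should be enabled only for the capture being debugged and deleted afterwards.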