Hi, I'm trying to get an understanding of the QUIC protocol using wireshark (and other material from various sources).
Steps that I followed: 1. captured (using tshark) QUIC traffic between a local client server (generated using mozilla/neqo, with SSLKEYLOGFILE env to store traffic secrets). 2. set the captured traffic secrets path in wireshark preferences (Protocols -> TLS [(Pre)-Master-Secret log filename]) 3. opened the pcap file Expected: 1. decrypted payloads for QUIC handshakes 2. decrypted payloads for subsequent QUIC packets Observed: 1. [PASS] decrypted payloads for QUIC handshakes 2. [FAIL] decrypted payloads for subsequent QUIC packets Are there any additional steps that I need to follow to decrypt all QUIC packets? screenshot showing the issue: https://ibb.co/ysgN5yW Thanks, Magesh
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-requ...@wireshark.org?subject=unsubscribe
