This article is reproduced from: http://www.yangyanxing.com/article/use-wireshark-capture-https.html
Today I'm looking at HTTPS technology, so I want to use Wireshark to crawl and decrypt HTTPS traffic.
The basics of HTTPS can look at this article
The basic theory of HTTPS
Http://www.yangyanxing.com/article/https-basic.html
This article refers to the article
Using Wireshark to debug HTTP/2 traffic
Https://imququ.com/post/http2-traffic-in-wireshark.html
When sslkeylogfile this variable exists in the system environment variable, Chrome and Firefox will write the key into the environment variable when accessing the HTTPS Web site, and if set in the Wireshark, this will resolve the HTTPS traffic. Set environment variables, add sslkeylogfile variables, different systems in Wireshark, open Wireshark, click Edit-> Preferences, switch to protocols, select SSL, ON (Pre)- Master-secret log filename That select the value just Sslkeylogfile
Wireshark settings start grabbing the bag.
Caught access to the Alipay traffic
As you can see, Wireshark has turned HTTP/2 to HTTP, and the corresponding decrypted SSL Data tab is shown below, and I have entered the username and password, which can be displayed on the Wireshark