After setting the SSLKEYLOGFILE environment variable the key log file does not appear
20332
Created On 09/10/24 20:10 PM - Last Modified 09/11/24 20:21 PM
Symptom
- Looking to Decrypt SSL traffic
- Followed KB How to Decrypt SSL using Chrome or Firefox and Wireshark in Windows
- After configuring the "Variable name: SSLKEYLOGFILE" the sslkey.log file does not appear on desktop
Environment
- Next Generation Firewall
- SSL Decryption
- Windows browser (Chrome or Firefox)
Resolution
- Check that the variable is set correctly by opening a cmd window and running echo %SSLKEYLOGFILE% and confirm the path is correct.
- Make sure Chrome/Firefox etc. was fully shut down before reopening.
- Use the Task Manager to confirm there are no browser processes still running after exiting the browser, then reopen it.
- If the customer is using OneDrive to back up the user's Desktop folder it will override the contents of the folder and the keylog file will not be visible.
- Choose another folder that is not synced to OneDrive such as Downloads and use that as the path for "SSLKEYLOGFILE".
Additional Information
9/11/24 - Publishing based on request from Stephen Bafico (Sr Principal Engineer Software) who provided the information.