I am using a packet sniffer to view TCP data streams. It works pretty well for HTTP requests. However, for HTTPS requests (SSL), the data in the packets (that I can see through the sniffer) is encrypted. How do I collaborate with the Browser (where the encryption/decryption keys are stored) to see the decrypted/unencrypted code? It seems too much of work to manually assemble the encrypted data from different packets and then try to decrypt it somehow. What's the right approach to see/sniff unencrypted HTTPS Streams? It appears to me to be outside the realm of packet sniffers because data in SSL packets is already encrypted before packets are constructed. Networking Gurus please help.
Nagendra, Be assured the intention is noble. All I want to do is see my own requests being sent to a HTTPS server. I write the request using the OutputStream of a HttpURLConnection. But what I write into the OutputStream is only a part of the request that is finally sent to the server, because HttpURLConnection prefixes it with the HTTP header etc. That's the part I am more interested in, in order to interpret the server response that I receive. Is there a way to somehow get the ServerSocket that HttpURLConnection is using, or some such stunt? The task is to be able to read your own HTTPS request stream that you send to the server. Gurus....
I found some pretty shells, some sea glass and this lovely tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop