Inspecting Tomcat HTTPS connection with Wireshark
Wireshark allows you to inspect SSL connection as long as you have the corresponding private key of the server side. You can read the details here. But if you are using java and tomcat you’ll probably have the certificate and private key stored in a JKS keystore so how can you extract the key in the right format for WireShark? First of all, keytool doesn’t allow you to extract the private key from a keystore. So you need external help. I use the DumpPrivateKey.java which is a modified version on the DumpPrivateKey found in this forum post. ...