So you’ve locked down your BizTalk web services with SSL and would like to do some tracing. You’ll need two tools. WireShark and OpenSSL. OpenSSL will convert your binary PKCS12 private key to a text PEM certificate, which is required by WireShark.
Assuming your web site is already locked down with a certificate, the bindings are setup etc. First export your certificate in PKCS12 form.
Export the certificates by running mmc.exe and adding the certificates snap-in.
Export the certificate. It’s the certificate that you website is bound to.
Be sure to export the private key. This is what WireShark needs to decrypt the SSL packets.
Enter a password
Now we’ve exported the PKCS12 certificate we need to convert to get the private key and convert it to PEM. Easy with OpenSSL. From the command line do the following. The first one will prompt you for the password you added to the exported PKCS12 certificate pfx file.
c:\OpenSSL-Win32\bin> openssl pkcs12 -nodes -in Cert.pfx -out PrivateKey.pem -nocerts –nodes
c:\OpenSSL-Win32\bin> openssl rsa -in PrivateKey.pem -out out.pem
We can now use out.pem from WireShark to decrypt SSL.
Open WireShark and go to the Edit menu and select the Preferences menu item
Expand Protocols and select SSL
Select the Edit Button and click the New button then enter your details. The IP address should be the IP of your web server, the port the port your HTTPS is set up on, default being 443. The protocol should be lowercase http and the Key File from the above is out.pem.
Now you’re ready to start capturing SSL. Put a filter on your capture for http as below. You can then right mouse Follow TCP or Follow SSL stream on the decrypted HTTPS traffic and view the HTTP messages in clear text.