Logging encrypted https responses

[davidgrion]

Hi

I am running apache 2.0.55 on a ubuntu 6.06
I am trying to find a way to access the encrypted http response that the webserver is transmitting for each https request

Does anyone know if that's even possible?
I have already tried mod_dumpio and mod_security, but with no success.

 

[Noway2]

You could try using tcpdump or wireshark. Granted, the information is going to be encrypted (read look like junk), but that is a major point of the encryption: to prevent you from doing just that.

As an aside, you are running and EXTREMELY outdated version of Ubuntu which went end of life (read unsupported for security updates) quite some time ago. Your Apache is also quite a bit out of date. I would HIGHLY recommend that you switch to more modern editions because there have been numerous vulnerability fixes over time that you are missing. Trust me, the pain associated with being compromised will be far less than that of upgrading, even in a high load production environment.

 

[Noway2]

Edit: I meant to say, "Trust me, the pain associated with being compromised will be far MORE than that of upgrading, even in a high load production environment."

 

[davidgrion]

Thanks for your help and advice, Noway2.
I will try tcpdump or wireshark. All I need to find out if I will be able to link the encrypted response to the request.