How to extract TLS 1.3 pre-master secret?

I use RabbitMQ with Erlang/OTP 25.0 under Windows 10.
I try to decipher TLS 1.3 traffic between RabbitMQ and one of its clients.
For this, I need the TLS output written when the environment variable SSLKEYLOGFILE is set.
But when I set the variable, the output is not written. I as well set it using the ‘-env’ parameter for RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS.
Can I tell Erlang/OpenSSL to write this additional TLS output?

1 Like

User guide in section “Server (with NSS key logging)” explains how to configure Erlang ssl server for achieving that.
Erlang – Using SSL application API

I don’t know if/how RabitMQ can be configured to achieve that …

No, RabbitMQ does not support “NSS key logging” at this time.

1 Like