Capturing HTTPS traffic in the clear?

Question

I\'ve got a local application (which I didn\'t write, and can\'t change) that talks to a remote web service. It uses HTTPS, and I\'d like to see what\'s in the traffic.

Answer 1

You need to setup a proxy for your local application and if it doesnt honour proxy settings, put a transparent proxy and route all https traffic into it before going outside. Something like this can be the "man" in the middle: http://crypto.stanford.edu/ssl-mitm

Also, here's brief instructions on how to archive this with wireshark: http://predev.wikidot.com/decrypt-ssl-traffic