How to 'be able to dissect' encrypted traffic that uses elliptic curve

I have a bunch of Ubuntu servers, mostly running nginx for serving web pages. I want to be able to capture and dissect the traffic for analyzing or troubleshooting certain app and API issues.

I need this because we are having integration problems with 3rd parties, and we need to be able to provide proof about issues when needed. (We have app logs too, of course.)

Despite having the private key, I'm unable to decrypt this traffic, due to elliptic curve, I'm told.

At the moment I'm using a method which seems a bit hackish to me.

Suppose letters A and B are ports, X and Y are my Linux boxes.

A: HTTPS / TCP 443

B: HTTP / TCP 8888

Incoming traffic flow is as below:

Public (Internet) --> FIREWALL --> A of X (nginx-rev-proxy with our ssl certs) --> FIREWALL --> B of Y

I'm able to capture traffic bound for TCP 8888 on X or Y and dissect it. This allows me to export documents POSTed to our API by 3rd parties and prove if there is anything wrong or if that document was POSTed at all.

Security-wise, what would be the better way or what could I do to improve on this method?

Apologies for any wrong terminology. Please comment if you need more info.

Category: tls Time: 2016-07-31 Views: 4
Tags: ecc wireshark tls

Copyright (C) avrocks.com, All Rights Reserved.