Store SSL session keys on connected Trace appliances

This procedure shows you how to enable the storage of SSL session keys on connected Trace appliances. Keys are stored for all sessions that the Discover appliance can decrypt. These keys include SSL session keys derived from SSL decryption keys you upload on the SSL Decryption Keys page, and keys received from PFS session key forwarders.

Note:To ensure end to end security, the session keys are encrypted when moving between appliances as well as when the keys are stored on disk.
  1. Log in to the Administration page on the ExtraHop system through https://<extrahop-hostname-or-IP-address>/admin.
  2. In the System Configuration section, click Capture.
  3. Click SSL Session Key Storage.
  4. Select Enable SSL Session Key Storage.
  5. Click Save.

Next steps

For more information about downloading session keys, see Download session keys with packet captures.

Published 2022-09-26