Using Wireshark with gRPC

[Ohad]

I am trying to dissect TCP packets carrying gRPC payloads with Wireshark. Although I configured decoding as http2 and provided path to my .proto directory, Wireshark seem to only decrypt TLS data, and doesn't show the actual content.

I am using a gRPC client and server in localhost and chose the loopback interface. Also, I followed guidelines in grpc.io site: https://grpc.io/blog/wireshark/

Will appreciate assistance on how to properly dissect the packets and show as expected from the guide (the guide is just a reference for what I am trying to achieve here)

[Sanjay Pujare]

Hi,

Can you confirm that TLS was decrypted? Did you see packets like this

i.e. TLS1.2 packets with ClientHello and cert/key exchange? Also I am assuming you exported the session keys as described in https://gitlab.com/wireshark/wireshark/-/wikis/How-to-Export-TLS-Master-keys-of-gRPC .

After ensuring TLS payload was decrypted by Wireshark you can decode the payload as http2 and after that is verified you can use the .proto files to decode the protobuf payload.

--
You received this message because you are subscribed to the Google Groups "grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/1455ea5c-bf78-440d-bcdc-26f17e0fd32an%40googlegroups.com.

[Ohad]

Seems like what I am missing is exporting the keys. Nevertheless it mentions that exporting isn't supported with the C# platforms, so I guess I can't get what I was expecting.

Thanks for your reply and helping.