Latest Unstable doesn't enable SSL debugging
Posted: 2017-08-05, 21:25
Normal builds of Palemoon (and Firefox) block 3rd party programs from analyzing SSL traffic, and there's no way to disable that even on a temporary basis. But I thought there was at least one version available that didn't do that. I tried the latest unstable version, but setting SSLKEYLOGFILE didn't do anything.
This is kind of important if I'm going to "report bugs" on the "development version." The browser itself offers almost no information about SSL negotiation, with no way to even view the client keys and randomness, or what ciphers the browser attempts to negotiate. All I can get is "The server rejected the handshake because the client downgraded to a lower TLS version than the server supports," with no information on what TLS version my client supposedly downgraded to. (Ostensibly the reason is to protect our security, and only coincidentally reserves the power of public key encryption only to big corporations.) A program like wireshark can find out that stuff, but it's not part of "the kitchen sink," so without SSLKEYLOGFILE I'm pretty much blocked from using it.
Am I just doing it wrong? I'm pretty sure I spelled the environment variable correctly...
This is kind of important if I'm going to "report bugs" on the "development version." The browser itself offers almost no information about SSL negotiation, with no way to even view the client keys and randomness, or what ciphers the browser attempts to negotiate. All I can get is "The server rejected the handshake because the client downgraded to a lower TLS version than the server supports," with no information on what TLS version my client supposedly downgraded to. (Ostensibly the reason is to protect our security, and only coincidentally reserves the power of public key encryption only to big corporations.) A program like wireshark can find out that stuff, but it's not part of "the kitchen sink," so without SSLKEYLOGFILE I'm pretty much blocked from using it.
Am I just doing it wrong? I'm pretty sure I spelled the environment variable correctly...