Or also known as, holy cow Wireshark is crazily obtuse and information dense!
While not properly using Fiddler yesterday and trying to come up with alternatives, I sorted out how to inspect HTTPS traffic and look at the packets with Wireshark; it's actually not too hard, but loading up Wireshark for the first time is extremely daunting.
The basic instructions can be found in this lovely Citrix blogpost; the screenshot is of an older version of Wireshark, but you should be able to figure out the slightly-more-user-friendly-than-just-a-text-field version of the RSA keys list.
What the blogpost doesn't cover is how to get a .pfx file (common in Windows-land) into the PKCS8 RSA format that Wireshark is expecting. A few simple steps:
1) Download the Windows version of OpenSSL here (note the general disclaimer on sanctions relating to exporting cryptography...stuff. I am not liable if you use anything in this post to break any kind of law, anywhere...)
2) Use OpenSSL to convert your pfx to RSA:
- openssl pkcs12 -in mycert.pfx -out mycert.pem -nodes
- openssl rsa -in mycert.pem -out newcert.pem
Your newcert.pem file should contain "-----BEGIN RSA PRIVATE KEY-----" if you open it in a text editor.
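A check for the output of step 2, as an added example that is not part of the original post: it lists what each PEM block in a file is and tells PKCS#1 from PKCS#8 by DER structure instead of trusting the header alone. The function names and the stub key bytes are constructed for illustration, and "ready" is assumed to mean a single unencrypted block with the RSA PRIVATE KEY header the post says to look for.

```python
import base64
import re

PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)

def der_key_kind(der):
    """Tell PKCS#1 from PKCS#8 by DER structure rather than by the PEM label."""
    if len(der) < 6 or der[0] != 0x30:                 # outer SEQUENCE tag
        return "not-der"
    pos = 2 + (der[1] & 0x7F if der[1] & 0x80 else 0)  # skip the length octets
    if der[pos:pos + 3] != b"\x02\x01\x00":            # INTEGER version = 0
        return "unknown"
    # PKCS#1 continues with INTEGER (modulus), PKCS#8 with SEQUENCE (algorithm id).
    return {b"\x02": "pkcs1", b"\x30": "pkcs8"}.get(der[pos + 3:pos + 4], "unknown")

def inspect_pem(text):
    """Return (label, finding) for every PEM block found in text."""
    findings = []
    for label, body in PEM_BLOCK.findall(text):
        if "ENCRYPTED" in label or "Proc-Type: 4,ENCRYPTED" in body:
            kind = "encrypted"          # passphrase-protected key
        elif "PRIVATE KEY" not in label:
            kind = "not-a-key"          # e.g. a CERTIFICATE block
        else:
            try:
                der = base64.b64decode("".join(body.split()), validate=True)
                kind = der_key_kind(der)
            except ValueError:
                kind = "bad-base64"
        findings.append((label, kind))
    return findings

def ready_for_wireshark(text):
    """True only for a lone, unencrypted PKCS#1 'RSA PRIVATE KEY' block."""
    return inspect_pem(text) == [("RSA PRIVATE KEY", "pkcs1")]

def make_pem(label, der):
    b64 = base64.b64encode(der).decode()
    return f"-----BEGIN {label}-----\n{b64}\n-----END {label}-----\n"

# Constructed structural stubs, not real keys: just enough DER to classify.
PKCS1_STUB = bytes.fromhex("3009020100020400c1c2c3")
PKCS8_STUB = bytes.fromhex("300a020100300506032a0304")
STEP1 = ("Bag Attributes\n    localKeyID: 01 00 00 00\n"   # like mycert.pem
         + make_pem("PRIVATE KEY", PKCS8_STUB) + make_pem("CERTIFICATE", b"\x30\x00"))
STEP2 = make_pem("RSA PRIVATE KEY", PKCS1_STUB)              # like newcert.pem

if __name__ == "__main__":
    for name, text in (("mycert.pem", STEP1), ("newcert.pem", STEP2)):
        print(name, inspect_pem(text), ready_for_wireshark(text))
```

Both mycert.pem and newcert.pem hold the private key unencrypted (that is what -nodes does), so restrict access to them and delete them once the capture has been decrypted.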
If you're not entirely sure that you've got Wireshark set up to decrypt your HTTPS traffic correctly, you can take a look at the SSL debug file at the location you specified; the very first line should indicate whether the SSL decryption information required was loaded successfully.