29Oca
Intercepting HTTPS traffic with a trusted root cert and packet capture from the WiFi AP
I have an application in Android (version 6, so quite old) whose communication I want to monitor. I have installed my own root certificate in the user store and Android warns me correctly that data can be monitored. I have access to my WiFi AP and have captured packets from there, which when loaded in Wireshark obviously show TLS data which is just a bunch of binary.
I'm confused about what I need to do next to decrypt the TLS. It seems I need a TLS key log file. I thought interception and my own trusted root CA were the hardest steps, and now that they're done I'm forgetting what else. What part of this setup am I missing?
