This section elaborates the configuration to enable session key capture when debugging a virtual service using the CLI and UI.

When users debug a virtual service from the Controller, they can download the traffic packages originally captured by SEs and subsequently upload them to the Controller for analysis. Users can set/reset a new traffic-capture parameter that enables/disables the capture of SSL keys.

Suppose the parameter is set to True for the virtual service. In that case, the relevant SEs capture session keys of encrypted connections for the particular virtual service and store them in the SSL Key log file. Users can then download it and use it to decrypt a PFS pcap with Wireshark.