How does Bro decrypt https traffic?

Hi friends
My name is Star and I am from Beijing, China,I am working on a project for pcap traffic analysis.Now I want to decrypt https traffic, I don’t know if bro supports it?

Thank you

​Hello Star!

bro does not support https decryption out of the box.

Normally, an enterprise would ​deploy an “https Decryption Appliance”. That would perform the decryption and create a stream of unencrypted traffic to go to your Network Security devices, like bro.


Bro does not decrypt ssl traffic. You can do it externally and feed the decrypted traffic into bro.

No one should ever be hijacking ssl traffic, though.

Thank you very much for your reply, now I know that Bro does not support

Thank you very much for your reply, I just want to analyze https traffic with authorization.