Glassfish secrets: HTTPS server side traces

When you are working with Glassfish (like I am doing now), you might need to capture your HTTPS traffic. In an earlier post, I explained how to capture and decrypt any SSL/TLS traffic, as long as you have the server private key.

While this method is quite effective and universal, it is still a little cumbersome, especially since the actual SSL decoder in Wireshark is not yet fully integrated into the analyzer itself.

For Sun’s Glassfish application server, there is a fairly simple way to monitor any web services HTTPS traffic:

simply go into the domain.xml file of your domain and add the following <jvm-options>:


<jvm-options>-DWSIT_HOME=${com.sun.aas.installRoot}</jvm-options>

<jvm-options>-Dcom.sun.xml.ws.transport.http.HttpAdapter.dump=true</jvm-options>
<jvm-options>-Dcom.sun.xml.ws.transport.http.client.HttpTransportPipe.dump=true</jvm-options>

The server.log (in <installRoot>/domains/domain1/logs) will then contain the fully assembled web services exchanges.

tag: , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *