I'm testing an iOS application and I just want to see when HTTPS traffic is sent. I'm not interested in the contents of the traffic. How can I configure Wireshark to do this?
This is just to verify that an analytics package is working. I don't have any control over the servers that my app is talking to.
Thanks!
Edit #1: My current Wireshark configuration can see traffic to http://www.duckduckgo.com but not https://www.duckduckgo.com
An alternative is using your Mac as a Wi-Fi access point and sniffing the traffic with TCPDump. Here are the steps:
Create Network
. Give it a random name, select security, and set a password.System Preferences > Sharing
set To computers using: Wi-Fi
. In Wi-Fi Options...
choose the network you created before. In Share your connection from:
, choose the interface you are getting Internet from, usually Ethernet. Internet Sharing
, and connect to this new Wi-Fi network from your iPhone. Settings > General > Network
and check your Internet with Safari. Sometimes it takes a few seconds.sudo tcpdump -s 0 -A -i en1 port 443 > log.txt
. Use ifconfig
if you have a network interface other than en1. The log generated can also be imported by WireShark (which is a GUI version of tcpdump).TCPDump is included with all versions of OS X. For other options, see Technical Q&A QA1176 Getting a Packet Trace.