a nice way to get HTTPS decryption in Wireshark, without too much effort. Start & Close Wireshark, than Open command prompt, type this command: Code: setx SSLKEYLOGFILE C:\SSLKEYLOGFILE.LOG powershell -c "(Get-Content '%APPDATA%\Wireshark\preferences') -Replace '#tls.keylog_file: ', 'tls.keylog_file: C:\SSLKEYLOGFILE.LOG' | Set-Content '%APPDATA%\Wireshark\preferences'" To remove it later Close any Application that using Internet connection. Close Wireshark. than Open command prompt, type this command: Code: setx SSLKEYLOGFILE "" REG delete HKCU\Environment /F /V SSLKEYLOGFILE del /q C:\SSLKEYLOGFILE.LOG