@da_667 was it this one https://github.com/lbirchler/tls-decryption ?

@da_667 umm, wireshark?

@da_667 ssldump? https://adulau.github.io/ssldump/

@da_667 Now you nerdsniped me to do this with tshark (well, maybe tomorrow), I'd be utterly disappointed if this couldn't be done with a pcap output format:

https://tshark.dev/export/export_tls/

@da_667 ssldump?

@da_667 I ran a couple of tests and I'm disappointed: afaict you can export some specific plain stream types, but not a full PCAP. With -w the same encrypted stream is written out.

Sorry for the misdirection!