How to log TLS Master Secret with Visual Studio IDE


  • Hi!

    Does anybody know the way I can log (Pre-)Master Secret and Session ID my client-side application generates during TLS Handshake? I don't have server's private key.

    Wednesday, April 12, 2017 2:45 PM

All replies

  • Hi Atercat,

    Thank you for posting here.

    For your question, what secure channel you used to communicate?

    If a client and host are using a secure channel(HTTPS) for communication, then WinHTTP logs could be used to troubleshoot application failures.

    For the generation, please refer to the following links.

    How to Generate the Master Secret

    TLS v1: How does the SSL Session ID mechanism work?

    I hope this would be helpful.

    Best Regards,


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact

    Thursday, April 13, 2017 9:14 AM
  • Actually, I'm looking for a convenient way to view the data exchange between my Windows-Forms-Application client and the SOAP server. System.Diagnostics listener is a bit messy. Wireshark looks good enough for this purpose. But I can't view data because it goes through a secure channel via TLS protocol. To do this I have to get an unencrypted master secret somehow.

    According to your advice, I'd captured WinHTTP log. Then I'd opened it with Microsoft Message Analyzer. But what I've seen there were TLS handshake packets with an encrypted Pre-Master secret. The same as in Wireshark. Maybe I do something wrong?

    Link for Master Secret generation is about BizTalk. I guess it's not my case.

    Thursday, April 13, 2017 1:51 PM