Sometimes, you need to decrypt SSL. Wireshark says you can do that if you have the server key.

This works .. almost.

It doesn’t work if the key exchange uses a DH (Diffie-Helmann) cipher. You need to use a RSA cipher for the key exchange. Several people on the internet tell you this, but i was never able to find any information which keys to use and which not to use.

Seems this works, however:

I made it work. As SYN-bit said, the reason because my server and client use DH cipher to exchange key, I should config my server to use RSA cipher to exchange key. with Apache :

SSLCipherSuite RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS

Now I can decrypt https traffic.