SSL/TLS debugging: How to view messaging until encryption keys are exchanged?

Question

For e.g. if I did a https://www.gmail.com, I thought I could use firebug to see the TLS/SSL handshaking and message exchanges. I did not see any. Someone in another forum answered that firebug only operates at HTTP and not at HTTPS level. But until the keys are exchanged, it does operate in unencrypted or clear mode. So, should firebug not show these messages, such as cypher exchanges? Are these handshaking, keyexchange, cypher exchange messages carried through HTTP protocol requests/responses or are they separately done through some modules built in the browser as a SSL/TLS module and therefore cannot be viewed through tools like firebug? Thanks.

Answer 1

Firebug works both with HTTP and HTTPS, but what it doesn't do is show you the SSL/TLS details under the HTTPS connection.

Are these handshaking, keyexchange, cypher exchange messages carried through HTTP protocol requests/responses or are they separately done through some modules built in the browser as a SSL/TLS module and therefore cannot be viewed through tools like firebug?

The SSL/TLS handshake is not carried over the HTTP protocol, but it's done at the SSL/TLS level, under HTTP (HTTPS is HTTP over SSL/TLS). This is done in Firefox by the NSS library (part of Firefox and the Mozilla project).

You might be able to see more details by using a tool like Wireshark.