Overview

To view FIX traffic the Wireshark tool can be used.

The traffic can be encrypted with Transport Layer Security (TLS) that provides security in the communication between two hosts.

It provides integrity, authentication, and confidentiality. It is used most commonly in web browsers but can be used with any protocol that uses TCP as the transport layer.

Wireshark supports TLS Decryption

Wireshark TLS Decryption

  1. Create a self-signed SSL certificate via open SSL using the following How to configure built-in SSL support for FIX session in FIXEdge
  2. Configure SSL Acceptors in FIXEdge
  3. Configure Wireshark
  4. Capture traffic
  5. Decrypt traffic

Wireshark configuration

Start capturing packages on Wireshark

Note

If the session is established before starting the listening the traffic would not be decrypted.

If the connection is acting as an initiator it must have the server's private key to decrypt packets.

Troubleshooting

Usage of (Pre)-Master-Secret (SSLKEYLOGFILE) to decrypt TLS FIX packets

As per Wireshark's official docs, the usage of (Pre)-Master-Secret (SSLKEYLOGFILE) is to decrypt HTTP + (over) TLS/SSL = HTTPS e.g. TLS traffic from Chrome, Firefox, and curl.

Alternatively, to debug FIX traffic it must be performed by TLS Decryption using an RSA private key.

Decoding SBE (Simple Binary Encoding) messages

CME works with data in CME MDP 3.0 and Streamlined formats.

There are guides:


Related pages