Sniffer stops showing data from monitored servers after network change to decrypt ssl before sending to sniffer. (4347971)

Network has been changed to send previously encrypted SSL traffic unencrypted to port 443. So now the traffic is in the clear HTTP traffic instead of HTTPS traffic.

The customer installed a solution that will take their DH(Diffie–Hellman) SSL traffic, decrypt it and forward it on to the sniffer as clear traffic. They still had the sniffer configured to try and decrypt traffic from port 443.

RESOLUTION(1):

1)      Go to APM | Configure | Traffic Capture | Private Keys

2)      Remove the keys

3)      Go to APM | Configure | Traffic Capture | Monitored Ports

4)      Edit Port 443

5)      Change HTTPS to HTTP

Traffic going forward will now be visible.

NOTE: If there is traffic on Port 443 that is both HTTP and HTTPS only one can be monitored. This is because you can only set a Port traffic type globally.