Description of problem: The update to nss 3.24.0 removes the support for the SSLKEYLOGFILE variable, which allows to analyze TLS traffic easily: https://www.m00nie.com/2015/05/decrypt-https-ssltls-with-wireshark/ This is because NSS_ALLOW_SSLKEYLOGFILE was introduced and set to zero by default: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Reference/NSS_environment_variables Removing this support in a stable Fedora release is a pretty drastic step, since updates are supposed to be more stable. Therefore please consider enabling this again and only deprecate it with proper announcements in a new Fedora release.
Created attachment 1166334 [details] allows sslkeylog file in opt builds This is to applied for stable branches only f23 and f22.
scratch build with the patch applied available at http://koji.fedoraproject.org/koji/taskinfo?taskID=14435717
Comment on attachment 1166334 [details] allows sslkeylog file in opt builds r+ for stable branches.
nss-3.24.0-1.3.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-342d89590d
nss-3.24.0-1.3.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-342d89590d
nss-3.24.0-1.3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.