For RSA-based TLS decryption in Wireshark, what must be true about the key exchange mechanism?

RSA-based TLS decryption in Wireshark works when the handshake uses RSA key exchange, where the client sends the pre-master secret encrypted with the server’s public RSA key. The server can decrypt that secret with its private key, derive the master secret, and then Wireshark can compute the session keys to decrypt the traffic. If the handshake uses ephemeral key exchange like ECDHE, the pre-master secret isn’t encrypted with the server’s private key; it’s derived from the Diffie-Hellman exchange and the server’s private key is only used to sign parameters. In that case, possessing the server’s private key doesn’t let Wireshark decrypt the session keys. TLS 1.3 uses a different mechanism altogether and does not rely on RSA key transport for decryption in the same way, so RSA-based decryption isn’t applicable there. Therefore, the decryption method requires RSA key exchange.