You "just" need the key to the encrypted traffic. You don't have to change the handshake/negotiation, you just want a copy of the key so you can decrypt the traffic.
In TLS, the client authenticates server, then they both agree to use a key for the session; the OS can get a hold of this key (this is usually a bad move because then any captured traffic frames could be later decrypted).
In TLS, the client authenticates server, then they both agree to use a key for the session; the OS can get a hold of this key (this is usually a bad move because then any captured traffic frames could be later decrypted).