There is an undocumented limit on the number of PTL files that can be auto-loaded via the capturekeys directory. When the number of key files in this directory exceeds 512, the key files at that point stop being loaded, with no warning or indication of the problem in the Capture.log file.

This enhancement request is to have the limit lifted or made configurable. An engineering request exists to have the logging improved and to have the limit added to product documentation (RTC 64417).

Additionally, it would be helpful add an "unused" filter to the SSL keys list, in the web console. The list would show loaded keys that have not been matched to any inbound traffic since the last capture restart. The key file name should be included. This list will be helpful for finding and removing obsolete keys.