Wireshark has some very nice SSL/TLS decryption features tucked away although you need either of the following two:
* Access to the servers private pki key
* Access to the client machines and its (pre)master secrets (also need Firefox or Chrome)
Unfortunately, dumping the premaster secret was removed in FireFox