One possible solution is to use a proxy. There are a number of specialized HTTP[S] or SOCKS proxies, some of which may be ideally suited for this use or at least easily adaptable to it. The proxy I use most often is called Burp Suite, and is intended for web site testing and isn’t really ideal for your use, but it could technically be coerced into doing what you want.
Preserving the actual TLS traffic including authentication and integrity is a bit of a weird/tricky thing to do. You can record it easily enough using any tool capable of packet capture, but unless you store handshake, the traffic, the symmetric (bulk) encryption key, and the integrity metadata, it will be tricky to prove any given server sent that data.
One possible solution is to use a proxy. There are a number of specialized HTTP[S] or SOCKS proxies, some of which may be ideally suited for this use or at least easily adaptable to it. The proxy I use most often is called Burp Suite, and is intended for web site testing and isn’t really ideal for your use, but it could technically be coerced into doing what you want.
Preserving the actual TLS traffic including authentication and integrity is a bit of a weird/tricky thing to do. You can record it easily enough using any tool capable of packet capture, but unless you store handshake, the traffic, the symmetric (bulk) encryption key, and the integrity metadata, it will be tricky to prove any given server sent that data.