Hi,

Chrome is not able to know that behind the SSL connection there will be another SSL connection and not plain HTTP, that's your problem.

In order to achive your goal for point 2 (btw I don't think that this kind of configuration has any sense honestly) you need to run an instance of stunnel in client mode on your computer that connects to the 443 endpoint of stunnel server. Then it will listen on a port that you decide (i.e. 8443). At this point you have to point chrome to https://localhost:8443 and all will works *but* with some problems about certificate. This time chrome will get an handshake with the webserver and not with stunnel server.

I hope that you understand that this is not a normal configuration and there is no need to double encrypt the HTTP connection.

Kind regards.