Sorry, I replied to your address instead my mistake :S
On Wed, 27 Jan 2021 21:11:53 +0000 David Brower davidbrower@hotmail.com wrote:
I updated the TCP client to send the message to port 13001 but when I check Wireshark I can still see the contents of the message in plaintext. Shouldn't I no longer be able to see the unencrypted contents of this message?
Hi,
That is perfectly normal. Between the program and Stunnel all is sent in plain text. Then Stunnel sends it to a server already encrypted. Consider it as a road tunnel. You see the cars entering and exiting, but not on transit. S-tunnel. Secure-Tunnel.
Unless you have a malware locally capable to sniff loopback/assigned addresses or you are sending unencrypted to a Stunnel instance in another machine (sent to that machine in plain text until reach the Stunnel instance) in a vulnerable network, that shouldn't worry you.
Regards.