I know this sort of defeats the whole purpose of stunnel, but I have an LDAP server which listens for non-SSL on one port, and SSL on another. We decided to use stunnel and the SSL port on our LDAP server for security purposes.
However, now we need to see the communication between clients and the LDAP server, in order to debug a production problem. Sniffing won't be terribly useful unless we can turn off the SSL encryption of the communication.
I can't just re-point the application to the non-SSL port because this is stored in a central database and would affect everyone (it's a 3rd pty app), so I just want to change the stunnel.conf file on my PC so that it does port-forwarding but no encryption. Is this possible to do?
Try ssldump on the server-side. It'll allow you to sniff SSL traffic provided you have access to the server certificate+private key.
Jan