All,

I have a problem similar to the one described in http://mirt.net/pipermail/stunnel-users/2006-October/001324.html i.e. I ***wish*** to use the recording functionalities of JMeter while accessing an apache-SSL-secured Tomcat web server.

JMeter does not allow recording on SSL so I have to ... un-cipher my HTTPS sessions, stunnel looks like the right choice.

Being an stunnel newbie, I started here: http://www.stunnel.org/examples/https_client.html , this HOWTO looks quite close to my configuration.

We have a plain-vanilla tomcat server behind an apache/SSL, and I want to access this web application from an HTTP-only browser.

So, I configure stunnel as a "client", I run it on my PC, with the following configuration:

[psuedo-https] accept = 8080 connect = <server>:443 TIMEOUTclose = 0

I read it as follows: stunnel talk cleartext HTTP on the local 8080 port and forwards in crypted HTTPS on the <server> port 443

I set the URL in my browser to http://localhost:8080/oi/ and this happens:

1) Ethereal sez that my PC and <server> start an SSLv3 conversation, good, we're on track

2) I have an HTTP analyzer plugged in my browser that shows me the content of the first GET that is a redirect to an SSO server (on the same <server>:443 port) for user authentication

https://<server>/ssoserver/login?service=......

3) My browser then issue a GET to https://<server>/ssoserver/login?service=...... and is GAME OVER, my beloved stunnel is cleanly bypassed by the hardcoded https://<server>/ string

Any suggestion? Is it a dead end? Any dirty trick I could play with? Such as running multiple stunnel instances, setting <server> = localhost in my hosts file etc.?

Thanks,

Ezio