[stunnel-users] Sniffing the network --how to disable SSL?
Jan Meijer
jan.meijer at surfnet.nl
Thu Jan 12 11:13:59 CET 2006
> I know this sort of defeats the whole purpose of stunnel, but I have an
> LDAP server which listens for non-SSL on one port, and SSL on another.
> We decided to use stunnel and the SSL port on our LDAP server for
> security purposes.
>
> However, now we need to see the communication between clients and the
> LDAP server, in order to debug a production problem. Sniffing won't be
> terribly useful unless we can turn off the SSL encryption of the
> communication.
>
> I can't just re-point the application to the non-SSL port because this
> is stored in a central database and would affect everyone (it's a 3rd
> pty app), so I just want to change the stunnel.conf file on my PC so
> that it does port-forwarding but no encryption. Is this possible to do?
Try ssldump on the server-side. It'll allow you to sniff SSL traffic
provided you have access to the server certificate+private key.
Jan
More information about the stunnel-users
mailing list