Hi!

I'm wondering if it is possible to modify payload before it is encrypted?

I have a stunnel config which intercepts TLS.

I have the following config:

[server]
client = no
cert= /etc/stunnel/stunnel.pem
accept = 127.0.0.1:11010
connect = 127.0.0.1:12220

[client]
client = yes
accept = 127.0.0.1:12220
connect = remoteserver_ip:12222

So when posting TLS messages on port 11010 from my TLS-client on the same server, I can connect to port 12220 using tcp-dump and read the payload unencrypted.

Is it possible to alter the payload before it is sent? In that case any pointers would

be appreciated , I have tried searching but it does not seem to be a common use case. Would be great if I could tunnel it somewhere else and back (external python program).

Thanks in  advance,

S