[stunnel-users] Sniffing the network --how to disable SSL?

• Previous message (by thread): [stunnel-users] Sniffing the network --how to disable SSL?
• Next message (by thread): [stunnel-users] Some newbie question for stunnel
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I know this sort of defeats the whole purpose of stunnel, but I have an
> LDAP server which listens for non-SSL on one port, and SSL on another.
> We decided to use stunnel and the SSL port on our LDAP server for
> security purposes.
> 
> However, now we need to see the communication between clients and the
> LDAP server, in order to debug a production problem. Sniffing won't be
> terribly useful unless we can turn off the SSL encryption of the
> communication.
> 
> I can't just re-point the application to the non-SSL port because this
> is stored in a central database and would affect everyone (it's a 3rd
> pty app), so I just want to change the stunnel.conf file on my PC so
> that it does port-forwarding but no encryption. Is this possible to do?

Try ssldump on the server-side.  It'll allow you to sniff SSL traffic
provided you have access to the server certificate+private key.

Jan

• Previous message (by thread): [stunnel-users] Sniffing the network --how to disable SSL?
• Next message (by thread): [stunnel-users] Some newbie question for stunnel
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]