Questions tagged [stunnel]

Stunnel is a small tool that can wrap the connection of other protocols with SSL/TLS.

Stunnel is free software based on OpenSSL that provides an SSL/TLS encryption wrapper between remote clients and a local or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled into the library.

For more information, see the homepage of the project at stunnel.org.

152 questions
4
votes
3 answers

STunnel Not Reading Configuration File

I generated an SSL certificate as specified on the answer to stunnel: SSL-to-SSL? (for smtp/imap) And have the following configuration file: cert = /home/marshall/stunnels/certs/umistunnel.keys ; protocol version (all, SSLv2, SSLv3,…
4
votes
4 answers

Is there an SSL equivalent to an ssh agent?

Here is my situation: There are a number of developers who all need to have access to be able to install ruby gems and python eggs from a remote source. Currently, we have a server inside our firewall that hosts the gems and eggs. We now want the…
Matthew J Morrison
4
votes
0 answers

Confused about stunnel's TIMEOUTclose setting

I understand from the stunnel documentation and from what I read on the Internet that MS has a buggy implementation of SSL; it fails to send a close_notify thing. The solution, says the documentation, is to set TIMEOUTclose=0. Being far from an SSL…
Antonis Christofides
4
votes
1 answer

Is stunnel capable of working like ssh -R?

I have a machine running MySQL (Windows), on a private network (let's say 192.168.1.10), behind a masquerading gateway. No port forwarding to 192.168.1.10 is possible. I also have a server with a public ip (a.b.c.d) which I need to connect to…
Unknown
3
votes
1 answer

Is it necessary to use Stunnel while using Postfix with Amazon SES?

I have configured AWS SES with postfix to send emails. Is it necessary to use Stunnel while using Postfix 3.1.0 with AWS SES?
3
votes
1 answer

ldapsearch doesn't work with ldap.google.com via stunnel

Can't get it working. I have to use stunnel to be able to integrate Jenkins with Google LDAP service. It works fine without stunnel $ LDAPTLS_CERT=/etc/stunnel/gldap.crt LDAPTLS_KEY=/etc/stunnel/gldap.key \ ldapsearch -H ldaps://ldap.google.com -b…
ALex_hha
3
votes
1 answer

Server closed connection error when checking if key exists in a redis cluster using stunnel

Using redis-cli command line utility with the -c switch to connect to a redis cluster with stunnel configured and running. When I execute the EXISTS command to verify a key, as expected, it redirects to the node that contains the key however, get…
Ray
3
votes
1 answer

Stunnel with SNI: Section *name*: SNI section name not found

I'm trying to use stunnel with 2 domains on the same IP. My conf is this: ;key = /etc/ssl/private/namecheap/server.key # See this link http://www.sysadminworld.com/2011/how-do-i-use-an-intermediate-certificate-with-stunnel/ # The intermediatev.pem…
dasdasd
3
votes
0 answers

stunnel TIMEOUTconnect on Ubuntu 15.10

We use stunnel extensively for LDAP proxying. We recently set up an Ubuntu 15.10 server to migrate some of the tunnels to and are unable to get it to work. We've scraped through the logs, configs, docs, etc. and are at our wits' end on figuring it out.…
Dave
3
votes
1 answer

How to log/see the traffic going through stunnel before/after encryption?

So I am using stunnel to talk to a SSL server. I would like to see the messages I am sending before they get encrypted and more importantly the messages I am receiving after they get decrypted. I turned on debug logging (level 7) but I still can't…
Peter Mel
3
votes
0 answers

Why is the loopback device needed on a client side of Stunnel?

This SANS Institute guide states that "On the client side, a port listening on the loopback interface of the local system would send/receive data on the clear-text protocol and tunnel out on an ephemeral port to connect to the secured port of…
Withheld
3
votes
1 answer

Set up stunnel to wrap SSL for a single application

I am trying to use stunnel to get an older usenet client to support SSL. I tried the following config: [myservice] accept = connect = : but stunnel kept failing with the error: Section myservice: SSL server…
Mark Lodato
3
votes
3 answers

reverse ssh tunnel over stunnel (or just reverse back down the stunnel connection)

I'm creating a security "dropbox" that can be deployed behind nat or any firewall, call out to a controlled publicly accessible server and then initiate control from the server. I know this is easily done with an ssh -R command, however, I'm looking…
eficker
3
votes
1 answer

Does stunnel cache DNS?

I'm using stunnel in client mode to proxy between my Haproxy and a HTTPS backend server. I've read that Haproxy caches the resolved IPs on each config load, which isn't a problem in my current setup. However, it got me thinking whether or not…
John K. Chow
3
votes
2 answers

why is stunnel doing this

I am trying to set up stunnel to encrypt traffic from rsyslog (using the relp protocol), but whenever I try starting stunnel and sending logs to the remote server, I get the following: Remote socket (FD=13) closed Feb 15 01:25:55 ruby…
lacrosse1991