Questions tagged [stunnel]

Stunnel is a small tool that can wrap the connection of other protocols with SSL/TLS.

Stunnel is free software based on OpenSSL that provides an SSL/TLS encryption wrapper between remote clients and a local or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled into the library.

For more information, see the homepage of the project at stunnel.org.

152 questions
2 votes, 1 answer

Using multiple SSL certificates with Stunnel

I have a HAProxy + stunnel setup, I would like to have different certificates for my domain and subdomain. Certificate 1 - example.com Certificate 2 - foo.example.com How do I configure Stunnel to do this? It works fine with just one certificate…
Ananth Ravi
2 votes, 3 answers

Stunnel multiple ports through the same Port

I'm looking for some help regarding an stunnel configuration I'm working on. Basically I want to have a DMZ machine accept inbound connections to port 80 and 110, and then forward them through my firewall on port 22 to a machine that will then…
user206200
2 votes, 1 answer

Encrypting peer-to-peer application with iptables and stunnel

I'm running legacy applications in which I do not have access to the source code. These components talk to each other using plaintext on a particular port. I would like to be able to secure the communications between the two or more nodes using…
Jonathan Oliver
2 votes, 1 answer

How do I get iPXE to boot from HTTPS server with self signed cert?

I am chainloading iPXE (undionly.kpxe) and using an embedded script wanting to boot from HTTPS. The problem is the HTTPS server is connecting to the http server (a custom service) via stunnel using a self signed certificate created with: openssl req…
hookenz
2 votes, 1 answer

Stunnel + Varnish + Apache questions

I am currently running Varnish in front of apache for all http traffic. I added stunnel so as to take advantage of the cache for HTTPS connections as well. So, for HTTPS, stunnel talks to varnish which then talks to Apache. The problem is that when…
2 votes, 1 answer

stunnel error when connecting from a news reader: SSL3_READ_BYTES:tlsv1 alert unknown ca

I'm trying to set up stunnel to provide secure access to an nntp server. Following the instructions here I created a self-signed key and certificate. The commands I ran were: openssl genrsa -des3 -out server.key 1024 openssl req -new -key server.key…
skyler
2 votes, 2 answers

Should I use an ssl terminator or just haproxy?

I'm trying to figure out how to set up my architecture for a socket.io app that will require both https and wss connections. I've found many tutorials on the web suggesting that you use something like stud or stunnel in front of haproxy, which then…
Justin Meltzer
2 votes, 0 answers

pfsense + haproxy + stunnel as reverse proxy with load balancing and ssl termination

I have this topology as the title says, with a pfsense with installed haproxy and stunnel. Because I saw that haproxy can't do ssl termination I thought about stunnel. But I don't know how to set it up. My load balancer is not in the haproxy but in the…
anksoWX
2 votes, 2 answers

Replace Cisco 2600 PTP T1

Our office and an outside location have a dedicated T1 point to point connected with Cisco2600's. We need to eliminate the need of the T1 circuit as it is costly and would like to route the traffic over our main ISP with Comcast. I'm pretty sure I…
xedgex
2 votes, 1 answer

HTTPS Stunnel and Haproxy

I am trying to use stunnel in front of Haproxy for SSL support. SSL certificates are located according to stunnel configuration. I am also able to get the https connection, but every time I use https, the session gets lost. I am not using tomcat 8443 port…
panalbish
2 votes, 2 answers

Ubuntu: Compressed, but not encrypted, tunnel for TCP?

How can I set up a tunnel for TCP connections between two hosts so that I can test a few different compression algorithms? I'm aware of stunnel & SSH, but want to avoid the overhead of encryption. To avoid TCP-in-TCP flow issues, UDP as the…
nonot1
2 votes, 1 answer

Unable to connect to remote secure site using stunnel

I've got a remote machine I need to connect to that uses HTTPS and a client I need to connect to it with that doesn't support HTTPS. Enter stunnel. I'm running it as follows, then connecting with the client from another machine: $ stunnel -c -f -d…
Morinar
2 votes, 1 answer

stunnel Unable to Locate Log File

I have built an alpine linux docker container on 3.11.6 w/ NGINX, Node.js, and stunnel. When I go to load stunnel by calling stunnel inside of the running container I get that it cannot find the log file /var/log/stunnel/stunnel.log but the file does…
1 vote, 2 answers

Can sslh differentiate between OpenVPN and HTTPS after they've been through STunnel?

Can sslh tell the difference between OpenVPN traffic and HTTPS traffic after they have both been through STunnel? Like this: .---------. .------.HTTP/TCP.-------------. -->| stunnel |---->| sslh |------->| HTTP server | '---------' …
1 vote, 0 answers

stunnel dropping first packet

I'm looking to send GELF (Graylog Extended Log Format) log messages from a logstash instance to Graylog. But since the GELF output in logstash does not support TLS I want to use stunnel to encrypt the communication instead. I have set up a test…
Sprvn