Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [stunnel]

Stunnel is a small tool that can wrap the connection of other protocols with SSL/TLS.

Stunnel is a free software based on OpenSSL providing a SSL/TLS encryption wrapper between remote clients and a local or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled into the library.

For more information, see the homepage of the project at stunnel.org.

152 questions
1
vote
1 answer

Use stunnel for Socket.io SSL support

I am trying to add SSL support to my node.js app, while connecting via socket.io. The traffic to socket.io is going to port 80. I would like stunnel to grab encrypted traffic from port 443, unencrypt it, and forward it to post 80. I have…
Kuf
  • 449
  • 2
  • 8
  • 24
1
vote
0 answers

How can I update rekeyed certificates on stunnel?

I have configured stunnel using GoDaddy certificate and it was working fine. Due to some circumstances, I need to rekey the certificate and update the pem file on the load balancer. Upon updating the pem file, it turned out that the certificate…
jay
  • 11
  • 1
1
vote
0 answers

Stunnel only for specific domain

I'm configuring stunnel to encapsulate SSL petitions to Haproxy. Haproxy serves several sites in the same IP address: domain.com - Website app.domain.com - Node.js webserver I acquired an SSL certificate that only is valid for site app.domain.com.…
Daniel Albert
  • 111
  • 5
1
vote
0 answers

Issue connecting to Amazon RDS with stunnel on Windows

I'm trying to set up a local pgbouncer server that then connects using SSL to Amazon's PostgreSQL RDS service. According to pgbouncer's documentation, you need to use something like stunnel to connect. I'm having a heck of a time getting stunnel…
Tamerz
  • 412
  • 3
  • 6
  • 14
1
vote
1 answer

stunnel client uses improper SNI when talking to Apache

I have stunnel listening on port 80 and acting as a client connecting to Apache listening on port 443. Configuration is below. What I'm finding is that if I attempt to connect to localhost:80 the connection is fine but if I connect to…
Huckle
  • 111
  • 1
  • 7
1
vote
0 answers

Keepalived, Junos, and ARP caching

I'm trying to configure an active-passive stunnel setup, with the aid of Keepalived, for a public IP address at our company datacenter. I would like to know if a router or switch reconfiguration is recommended given the following scenario. I…
Andrew Merenbach
  • 11
  • 1
1
vote
1 answer

Stunnel and FIX

I am trying to use Stunnel to connect to a remote server through a proxy (I am using stunnel 4.56). Here is my config file stunnel.conf: cert = stunnel.pem key = stunnel.pem [https] accept = 127.0.0.1:556 protocolHost= 128.45.65.36:80 connect =…
user171186
  • 51
  • 1
  • 5
1
vote
1 answer

stunnel can't bind to 0.0.0.0

I keep getting this error when trying to use stunnel to work between my sbs2003 server and office 365 mail server: stunnel: bind permission denied (wsaeacces) (10013) to 0.0.0.0:110 Does anyone have any ideas as to what may be holding onto 110 or…
David Logan
  • 11
  • 1
  • 2
1
vote
1 answer

Redirect non-https traffic when using Varnish and nginx

I am using Stunnel, Varnish, and nginx with a nodejs app, and I'm having trouble redirecting non-https pages (http://manager.domain.com) to their respective https page (https://manager.domain.com). I just get stuck in a redirect loop because all the…
Errol Fitzgerald
  • 475
  • 1
  • 7
  • 17
1
vote
0 answers

stunnel Haproxy ldap authentication

in our setup port 433 is handled by stunnel. After that haproxy will dispatches the request to the appropriate backend. I have managed to enable authentication in haproxy. But the users and passwords are sitting in the haproxy.conf file. Is there a…
Arjen Dijkstra
  • 113
  • 5
1
vote
1 answer

Stunnel delaying boot

My stunnel implementation works fine when the network is plugged in but it takes an awful amount of time, which delays the whole boot process, when there is no network connected to the machine. As extra information: I'm using "delay=yes" I'm using…
Onitlikesonic
  • 1,161
  • 4
  • 15
  • 24
1
vote
3 answers

Stunnel Connection Issue: 140943F2 SSL3_READ_BYTES:sslv3 alert unexpected message

Cant seem to connect using stunnel to the other party. Getting an error: SSL_connect: 140943F2: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message Any idea?
DD.
  • 3,024
  • 10
  • 34
  • 50
1
vote
1 answer

SSL, Front-end caches, and web servers

I'm looking to add SSL to some sites. My current setup is varnish -> nginx -> python wsgi server. The varnish sits at the front and caches both static and dynamic content. The nginx server serves up the static media from disk and proxies other…
coleifer
  • 131
  • 3
1
vote
1 answer

Does stunnel support multiple forwardings over the same connection?

A lot of the tutorials on stunnel show only single forwardings. It stunnel limited to only fowarding and listening to one port on both ends, or can it handle both local and remote forwarding in the way putty, my favorite does? Eg in putty or ssh you…
vfclists
  • 1,562
  • 5
  • 20
  • 36
1
vote
2 answers

Stunnel Error binding pop3s to 0.0.0.0:110

I'm setting up stunnel so a non SSL enabled app can access a Gmail / Google Apps account. Here's the config I'm using: CLIENT=YES [pop3s] accept = 110 connect = pop.gmail.com:995 [imaps] accept = 143 connect = imap.gmail.com:993 [ssmtp] accept =…
Tom
  • 736
  • 2
  • 9
  • 23
1 2 3
10 11