Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [stunnel]

Stunnel is a small tool that can wrap the connection of other protocols with SSL/TLS.

Stunnel is a free software based on OpenSSL providing a SSL/TLS encryption wrapper between remote clients and a local or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled into the library.

For more information, see the homepage of the project at stunnel.org.

152 questions
1
vote
1 answer

Unreasonably slow stunnel

I setup stunnel on OSX to tunnel traffic to my Django dev server because Facebook needs HTTPS these days but I noticed it's being absurdly slow. It seems like it can only handle a single connection at a time and even the connection is slow when I'm…
Kit Sunde
  • 946
  • 3
  • 12
  • 31
1
vote
0 answers

Switch stunnel from self-signed cert to signed by CA cert

We use stunnel configured to provide SSL-tunnel between SERVER A (where we have stunnel configured as client) and many SERVERS B (where we deployed stunnel configured to work in server mode). We use self-signed certs on both client stunnel and…
sha
  • 111
  • 4
1
vote
3 answers

OpenSource (Layer 4) Load Balancer that can pass through original client IP?

I am setting up a web application which uses SSL for all requests. It needs to have room for scaling and also be highly available. It seems that the "recommended" way to handle this is to setup a pair of Layer 4 load balancers for HA, which pass…
phylae
  • 319
  • 4
  • 10
1
vote
2 answers

stunnel+HAProxy+Apache question, multiple site certificates

currently I'm using the following scheme to serve both static y and dynamic content. I have compiled stunnel with X-Forwarded-For support patch. Internet(http) -> haproxy (frontend1) -> Apache Farm Internet(https) -> stunnel -> haproxy (frontend2)…
AndresVia
  • 253
  • 2
  • 9
1
vote
1 answer

Using virtual IP with stunnel and haproxy

We have a load-balancer setup, in which an HTTPS Request flows through the following steps:- Client -> DNS -> stunnel on Load-Balancer -> HAProxy on LB -> Web-Server This setup works perfectly when stunnel is listening to the local IP of the…
isNaN1247
  • 1,615
  • 3
  • 15
  • 20
1
vote
1 answer

Stunnel, limits.conf

After reading the fine advice and accepted answer at Stunnel too many clients , I'm finding that this looks like our problem, but I'm having trouble applying the solution. First of all, ulimit is a shell thing that impacts processes spawned from…
Kyle
  • 1,849
  • 2
  • 17
  • 23
1
vote
1 answer

Securing stunnel.pem on Windows

How can I prevent reading of the stunnel.pem file by any user other than the service user running Stunnel? How can I permit access to this directory (C:\Program Files\stunnel) in Windows XP to only the Stunnel service?
Engineer2021
  • 591
  • 7
  • 25
1
vote
2 answers

Can't connect to STunnel when it's running as a service

I've got STunnel configured to proxy non SSL POP3 requests to GMail on port 111. This is working fine when STunnel is running as a desktop app, but when I run the STunnel service, I can't connect to port 111 on the machine (using Outlook Express for…
John Francis
  • 133
  • 1
  • 6
1
vote
1 answer

stunnel + squid = 1 request for 5minutes (rest connection reset by peer)

tl;dr; Configuration with stunnel on client which connect to squid proxy with x509 certificate authentication work only for one request per 5minutes. Scenario: Squid and stunnel configured and started wget configured to use localhost as proxy…
Mithrand1r
  • 11
  • 4
1
vote
1 answer

Nginx reverse proxy failing with Stunnel and Mirth FHIR client

I have an application behind a Nginx reverse proxy that I am trying to access from an external client. Both the client and the application only support http. Therefore I am using Stunnel on the client side to map http to https and nginix on the…
skyman
  • 156
  • 4
1
vote
0 answers

IP Camera with PTZ through stunnel

Looking around at first it was suggest to use a reverse proxy to wrap https around and IP camera and then someone mentioned you don't get sound that way so they said use stunnel. I'm looking at stunnel and I'm not sure how to connect to the camera…
Reg
  • 11
  • 2
1
vote
1 answer

HTTPS stunnel error:1408F09B:SSL routines:ssl3_get_record:https proxy request

I am configuring the HTTPS proxy with stunnel and squid. But, I received the Mozilla error page "Secure Connection Failed", in case I am making browser requests through port 44444(stunnel). What I am missing? In case I am making a direct browser…
Awesome Man
  • 111
  • 4
0
votes
0 answers

Error Web Service Stunnel

In Stunnel,I have this configuration: [ws] client = yes accept = 127.0.0.1:80 connect = webservice.it:443 I make a http request to 127.0.0.1:80 and I want that stunnel redirect to webservice.it:443. But it doesn't work. In the log I have this…
stunnelws
  • 1
0
votes
1 answer

stunnel can only accept on port 80, possible iptables configuration

I am trying to get stunnel to forward from a port (eventually via https on 443) to port 8080. The http served on 8080 is already visible correctly by a remote browser. I have tried some 4 versions of stunnel between 4.42 - 4.55. On Ubuntu 16 and…
Bernd Elkemann
  • 101
  • 2
0
votes
1 answer

OpenVPN over stunnel not working when forwarded through router but working internally

I'm trying to set up OpenVPN over stunnel on my personal server. openvpn is in tcp and connects fine outside of stunnel, even when connecting through a port forward on the router. OpenVPN wrapped in stunnel works fine when not connecting through…
mAndroid
  • 103
  • 4
1 2 3
10 11