Oct 26, 2024 · Stunnel is a small tool that can wrap the connection of other protocols with SSL/TLS.

I'm trying to set up Stunnel to server as SSL cache. Everything was smooth, and mostly it works as designed. Then I encountered errors in log files: SSL_accept: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number Not all clients trigger that, …

I'm trying to use stunnel to be able to use HTTPS (port 443) on my localhost for a development web server running locally on port 8000. It starts and accepts connections, but every time I open https://localhost:443 , the connection is reset immediately.

Sep 18, 2014 · This is fine and great, however, I need to be able to ssh from the server down to the client via the established stunnel. Questions: Can I just ssh directly from the server over the existing stunnel connection (stunnel initiated by the client). This may require a stunnel config change, I'm just a little lost on what I should change.

Jun 8, 2016 · cert = CERT_FILE certificate chain file name The parameter specifies the file containing certificates used by stunnel to authenticate itself against the remote client or server. The file should contain the whole certificate chain starting from the actual server/client certificate, and ending with the self- signed root CA certificate.

Sep 24, 2015 · So I am using stunnel to talk to a SSL server. I would like to see the messages I am sending before they get encrypted and more importantly the messages I am receiving after they get decrypted. I turned on debug logging (level 7) but I still can't see the messages. Below the details: stunnel.conf

Aug 15, 2018 · In these directions for configuring Stunnel on Windows the following text appears : Copy a valid SSL public certificate to the directory "C:\Program Files (x86)\stunnel." To make things more trouble-free, combine the public key and private key certificates into one .PEM file.

Oct 9, 2020 · I have built an alpine linux docker container on 3.11.6 w/ NGINX, Node.js, and stunnel When I go to load stunnel by calling stunnel inside of the running container I get that it cannot find the log...

Sep 16, 2017 · verify = 2 at stunnel config should compare CA of the client to the ones it trusts ; stunnel has CAfile set to CA, which signed both server key and client key; stunnel says it is self-signed certificate and CA is unknown; Also, openssl verify -CAfile=ca.crt <filename> is OK for both server and client.

This will force stunnel to present the full certificate chain to clients. One further tidbit; the openssl s_client command is very useful for testing certificate chain issues and checking how your service is presenting its certificates. Edit: Ok.. that certificate bundle's chain is three-deep, but the trust chain looks two-deep. Something's not ...