<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hugo,<br>
You have all the answers in my previous mail, although "summarized".<br>
Anyway, please have a look at this :<br>
<br>
When you say "if user connects on ssl.example.com, <stunnel>
forward frames"<br>
THEN you understand that you need SOMETHING to INTERCEPT AND
REDIRECT the request of the client to the host "ssl.example.com" to
YOUR stunnel GATEWAY (supposed on localhost),<br>
RIGHT ?<br>
<br>
So there must be something like iptable or a trick in DNS client or
something like your own DNS server on local network to do that job.<br>
Tricking /windows/system32/drivers/etc/host file is a way to achieve
this step.<br>
<br>
Then have a stunnel having 3 services declared and so on ...<br>
<br>
Pierre<br>
<br>
<br>
<br>
<br>
<br>
Le 30/10/2010 22:28, Hugo a écrit :
<blockquote cite="mid:4CCC7FEE.2030300@gkz.fr.nf" type="cite">
<pre wrap="">It's what I wanted to do: redirect the public 443 port on the correct local stunnel "accept:" port or service.
I'd set 3 services with 3 different certificates on 3 ports.
By eg, my first domain is ssl.example.com and the second admin.example.com. These two records point on the same IP.
Stunnel has two services on that, so it binds two ports (!=443) (eg, 7100 and 7200)
Is there a way to stunnel (or another program) bind on port 443 and, if user connects on ssl.example.com, forward frames/respond using the service/port 7100, and the same for admin.example.com on 7200?
<a class="moz-txt-link-freetext" href="https://ssl.example.com">https://ssl.example.com</a> ==> <a class="moz-txt-link-freetext" href="https://ssl.example.com:7100">https://ssl.example.com:7100</a>
<a class="moz-txt-link-freetext" href="https://admin.example.com">https://admin.example.com</a> ==><a class="moz-txt-link-freetext" href="https://admin.example.com:7200">https://admin.example.com:7200</a> ?
Thanks
Message: 2
Date: Sat, 30 Oct 2010 11:45:19 -0400 (EDT)
From: Jon Daley <a class="moz-txt-link-rfc2396E" href="mailto:stunnel@jon.limedaley.com"><stunnel@jon.limedaley.com></a>
To: <a class="moz-txt-link-abbreviated" href="mailto:stunnel-users@mirt.net">stunnel-users@mirt.net</a>
Subject: Re: [stunnel-users] Many services on the same port
(VirtualHost)
Message-ID: <a class="moz-txt-link-rfc2396E" href="mailto:alpine.DEB.2.00.1010301139120.19689@orange.limedaley.com"><alpine.DEB.2.00.1010301139120.19689@orange.limedaley.com></a>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
On Sat, 30 Oct 2010, Hugo wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Does anyone knows a way to make many services listening on the same port?
I've got one stunnel4 server which allows me to crypt two http servers.
The first service bind on port 465 and the second on 470.
What I will is to let user access on the port 465 using 2 different
ServerNames.
</pre>
</blockquote>
<pre wrap=""> I am not sure what you are trying to do. You want clients to
connect via https to ports 465 on two different IPs and then stunnel to
forward them to the appropriate http daemon?
I am not sure if stunnel works in that method - that is the
reverse of what I use stunnel for - I connect via an unencrypted
connection, and forward via stunnel to an encrypted daemon.
And if you are talking about virtually hosting https connections,
that will work, as long as the certificate contains both servernames - you
can't use two different certificates, because you don't know which
certificate to serve until after the connection is encrypted.
</pre>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
stunnel-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:stunnel-users@mirt.net">stunnel-users@mirt.net</a>
<a class="moz-txt-link-freetext" href="http://stunnel.mirt.net/mailman/listinfo/stunnel-users">http://stunnel.mirt.net/mailman/listinfo/stunnel-users</a>
</pre>
</blockquote>
<br>
</body>
</html>