Hi,<div><br></div><div>I'm willing to use this kind of configuration :</div><div><br></div><div>https client -->stunnel --> haproxy --> 2 web servers in http (or more)</div><div><br></div><div>I've understand that haproxy can't handle the ssl part, that's why stunnel is needed.</div>
<div><br></div><div>I've read that a Patch is required for stunnel to work with haproxy in this kind of confirmation</div><div><br></div><div>"<span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">I run stunnel 4.32 with patch from </span><a href="http://haproxy.1wt.eu/download/patches/" target="_blank" style="background-color: rgb(255, 255, 255); color: rgb(0, 0, 204); font-family: arial, sans-serif; font-size: 13px; ">http://haproxy.1wt.eu/download/patches/</a><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "> on port 443 and forward it to port 81 on the same machine which is bound to haproxy."</span></div>
<div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "><br></span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">Can anyone tell me if this patch is now included in stunnel, </span></div>
<div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">in particular, does Ubuntu 11.10 include it ? </span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "><br>
</span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">I really would rather stay with package provided by ubuntu in order to have easy upgrade/security fix.</span></div>
<div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">I've experiences the work overload of manually compiling everything in Apache for instance ;)</span></div><div>
<span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "><br></span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">Any advices on this kind of setup ? documentation pointers? best practices ? </span></div>
<div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "><br></span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">Regards,</span></div>
<div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">Thomas.</span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "><br>
</span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; ">here is the current package version on ubuntu 11.10</span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "><br>
</span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "><br></span></div><div><span style="background-color: rgb(255, 255, 255); "><div><font face="'courier new', monospace">thomas@daisybox:~/Documents$ aptitude show stunnel4</font></div>
<div><font face="'courier new', monospace">Package: stunnel4 </font></div><div><font face="'courier new', monospace">New: yes</font></div><div><font face="'courier new', monospace">State: not installed</font></div>
<div><font face="'courier new', monospace">Version: 3:4.35-2build1</font></div><div><font face="'courier new', monospace">Priority: optional</font></div><div><font face="'courier new', monospace">Section: universe/net</font></div>
<div><font face="'courier new', monospace">Maintainer: Ubuntu Developers <<a href="mailto:ubuntu-devel-discuss@lists.ubuntu.com">ubuntu-devel-discuss@lists.ubuntu.com</a>></font></div><div><font face="'courier new', monospace">Uncompressed Size: 541 k</font></div>
<div><font face="'courier new', monospace">Depends: libc6 (>= 2.11), libssl1.0.0 (>= 1.0.0), libwrap0 (>= 7.6-4~), openssl, netbase, perl-modules</font></div><div><font face="'courier new', monospace">PreDepends: adduser</font></div>
<div><font face="'courier new', monospace">Suggests: logcheck-database</font></div><div><font face="'courier new', monospace">Conflicts: stunnel4</font></div><div><font face="'courier new', monospace">Breaks: stunnel (< 3:4.20-3), stunnel (< 3:4.20-3)</font></div>
<div><font face="'courier new', monospace">Replaces: stunnel, stunnel</font></div><div><font face="'courier new', monospace">Provides: stunnel</font></div><div><font face="'courier new', monospace">Description: Universal SSL tunnel for network daemons</font></div>
<div><font face="'courier new', monospace"> The stunnel program is designed to work as SSL encryption wrapper between remote client and local (inetd-startable) or remote server. The concept is that having non-SSL</font></div>
<div><font face="'courier new', monospace"> aware daemons running on your system you can easily setup them to communicate with clients over secure SSL channel. </font></div><div><font face="'courier new', monospace"> </font></div>
<div><font face="'courier new', monospace"> stunnel can be used to add SSL functionality to commonly used inetd daemons like POP-2, POP-3 and IMAP servers without any changes in the programs' code. </font></div>
<div><font face="'courier new', monospace"> </font></div><div><font face="'courier new', monospace"> This package contains a wrapper script for compatibility with stunnel 3.x</font></div><div><font face="'courier new', monospace">Homepage: <a href="http://www.stunnel.org/">http://www.stunnel.org/</a></font></div>
<div><font face="'courier new', monospace"><br></font></div><div><font face="'courier new', monospace">thomas@daisybox:~/Documents$ aptitude show stunnel</font></div><div><font face="'courier new', monospace">No current or candidate version found for stunnel</font></div>
<div><font face="'courier new', monospace">Package: stunnel</font></div><div><font face="'courier new', monospace">State: not a real package</font></div><div><font face="'courier new', monospace">Provided by: stunnel4</font></div>
<div style="font-family: arial, sans-serif; font-size: 13px; "><br></div></span></div><div><span style="background-color: rgb(255, 255, 255); font-family: arial, sans-serif; font-size: 13px; "><br></span></div>