<div><br></div><div>Accept does takes the ip : </div><div><br></div><div><br></div><div><dt style="font-family:'Times New Roman';background-color:rgb(255,255,255);font-size:medium"><strong><a name="accept_address" class="item"><strong>accept</strong> = address</a></strong></dt>
<dd style="font-family:'Times New Roman';background-color:rgb(255,255,255);font-size:medium"><p>accept connections on specified address</p><p><b>If no host specified, defaults to all IPv4 addresses for the local host.</b></p>
<p>To listen on all IPv6 addresses use:</p><pre> connect = :::port</pre></dd></div><div><br></div>And having a port different than 443 is not acceptable.<div>(lot of accept word :D)</div><div><br></div><div>Thomas.</div>
<div><br><div class="gmail_quote">On Fri, Feb 10, 2012 at 22:17, Kevin Decherf <span dir="ltr"><<a href="mailto:kevin@kdecherf.com">kevin@kdecherf.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div class="gmail_quote"><div><div class="h5">On Fri, Feb 10, 2012 at 10:09 PM, Thomas Manson <span dir="ltr"><<a href="mailto:dev.mansonthomas@gmail.com" target="_blank">dev.mansonthomas@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi,<div><br></div><div> I want to setup the following architecture : </div><div><br></div><div>stunnel ---> haproxy --> 2 webserver.</div><div><br></div><div>I run severa virtual host on the 2 webservers, and a subset of them needs https.</div>
<div><br></div><div>I can allocate several IP address for the host that run stunnel.</div><div><br></div><div>How do I configure a single stunnel process to have a certificate per IP for the port https?</div><div><br></div>
<div>I tryed to add several section like the following : </div><div><br></div><div><div>[<a href="http://mansonthomas.com" target="_blank">mansonthomas.com</a>]</div><div>cert = /etc/stunnel/sites/<a href="http://mansonthomas.com/mansonthomas.com.crt" target="_blank">mansonthomas.com/mansonthomas.com.crt</a></div>
<div>accept = <a href="http://88.190.17.222:443" target="_blank">88.190.17.222:443</a></div><div>connect = <a href="http://127.0.0.1:82" target="_blank">127.0.0.1:82</a></div><div><br></div><div>xforwardedfor = yes</div>
<div>TIMEOUTclose = 0</div>
</div><div><br></div><div><br></div><div>So the question is : Is it possible ? </div><div>do you have a sample configuration file to share for this use case?</div></blockquote><div><br></div></div></div>Hi,<div><br></div>
<div>I don't know if 'accept' supports IP but you can use several ports on the same IP and redirect these ports with iptables to the dedicated IP</div>
<div><br clear="all">----<span class="HOEnZb"><font color="#888888"><br>Kevin Decherf - M: <a href="tel:%2B33%20681194547" value="+33681194547" target="_blank">+33 681194547</a> - T: @Kdecherf</font></span></div></div><br>
</div>
<br>_______________________________________________<br>
stunnel-users mailing list<br>
<a href="mailto:stunnel-users@stunnel.org">stunnel-users@stunnel.org</a><br>
<a href="http://stunnel.mirt.net/mailman/listinfo/stunnel-users" target="_blank">http://stunnel.mirt.net/mailman/listinfo/stunnel-users</a><br>
<br></blockquote></div><br></div>