<div dir="ltr"><div class="gmail_extra">SOLVED. Found the problem.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Step 1: make a web server</div><div class="gmail_extra"><br></div><div class="gmail_extra">
$ echo "complex world" | nc -l 80 # run a webserver</div><div class="gmail_extra"><br></div><div class="gmail_extra">Step 2: make a https server connects to step 1</div><div class="gmail_extra"><br></div><div class="gmail_extra">
<div class="gmail_extra">$ cat /etc/stunnel/stunnel.conf </div><div class="gmail_extra">pid = /stunnel.pid</div><div class="gmail_extra">cert=/etc/stunnel/a.crt</div><div class="gmail_extra">CAfile=/etc/stunnel/<a href="http://a.ca">a.ca</a></div>
<div class="gmail_extra">key=/etc/stunnel/a.key</div><div class="gmail_extra">sslVersion = all<br></div><div class="gmail_extra">client=no</div><div class="gmail_extra">debug = 7<br></div><div class="gmail_extra">output = /var/log/stunnel.log</div>
<div class="gmail_extra">[https]</div><div class="gmail_extra">accept=443</div><div class="gmail_extra">connect=80</div><div class="gmail_extra">TIMEOUTclose = 0</div></div><div class="gmail_extra">$ pgrep -f stunnel | xargs kill -9; stunnel</div>
<div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra">Step 3: verify SSL is working of step 2</div><div class="gmail_extra"><br></div><div class="gmail_extra">$ openssl s_client -ssl3 -connect <a href="http://server1.com:443">server1.com:443</a><br>
</div><div class="gmail_extra">lot of data.. and SSL handshake has read 3029 bytes and written 354 bytes means successfully installed</div><div class="gmail_extra"><br></div><div class="gmail_extra">Step 4: final </div><div class="gmail_extra">
<br></div><div class="gmail_extra">$ curl -v "<a href="https://server1.com">https://server1.com</a>" </div><div class="gmail_extra">or</div><div class="gmail_extra">$ google-chrome "<a href="https://server1.com">https://server1.com</a>"</div>
<div class="gmail_extra"><br></div><div class="gmail_extra">i get the output from webserver and the url stays in https:// </div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra">
<b>Summary: Google App Engine is pain (someone please fix it or report Google, cause Google App engine is now became very popular but its pain when you use it with stunnel + apache).</b> They have a redirect which cause the SSL/HTTPS not working it was confusing if stunnel issue or apache issue. In apache you can do the same by following this which proves that Google App Engine is EVIL for https.</div>
<div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra">Apache2, in CentOS 6.4:</div><div class="gmail_extra"><br></div><div class="gmail_extra">Step 2: same as above stunnel but if you want without stunnel and use apache then you need as below:</div>
<div class="gmail_extra"><br></div><div class="gmail_extra">$ cat /etc/httpd/conf.d/ssl.conf</div><div class="gmail_extra"><div class="gmail_extra">LoadModule ssl_module modules/mod_ssl.so</div><div class="gmail_extra">Listen 443</div>
<div class="gmail_extra"><br></div><div class="gmail_extra">SSLPassPhraseDialog builtin</div><div class="gmail_extra">SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)</div><div class="gmail_extra">SSLSessionCacheTimeout 300</div>
<div class="gmail_extra">SSLMutex default</div><div class="gmail_extra">SSLRandomSeed startup file:/dev/urandom 256</div><div class="gmail_extra">SSLRandomSeed connect builtin</div><div class="gmail_extra">#SSLRandomSeed startup file:/dev/random 512</div>
<div class="gmail_extra">#SSLRandomSeed connect file:/dev/random 512</div><div class="gmail_extra">#SSLRandomSeed connect file:/dev/urandom 512</div><div class="gmail_extra">SSLCryptoDevice builtin</div><div class="gmail_extra">
#SSLCryptoDevice ubsec</div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra">NameVirtualHost SERVER1:443</div><div class="gmail_extra"><VirtualHost SERVER1:443></div><div class="gmail_extra">
SSLEngine on</div><div class="gmail_extra"> SSLProxyEngine On</div><div class="gmail_extra"> ProxyPreserveHost On</div><div class="gmail_extra"> #ProxyRequests Off</div><div class="gmail_extra"> SSLProtocol all -SSLv2</div>
<div class="gmail_extra"> SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW</div><div class="gmail_extra"><br></div><div class="gmail_extra"> SSLCertificateFile /etc/stunnel/a.crt</div><div class="gmail_extra">
SSLCertificateKeyFile /etc/stunnel/a.key</div><div class="gmail_extra"> SSLCertificateChainFile /etc/stunnel/<a href="http://a.ca">a.ca</a></div><div class="gmail_extra"><br></div><div class="gmail_extra"> ServerName SERVER1</div>
<div class="gmail_extra"> ProxyPass / <a href="http://SERVER1">http://SERVER1</a></div><div class="gmail_extra"> ProxyPassReverse / <a href="http://SERVER1">http://SERVER1</a></div><div class="gmail_extra">
#ProxyPassReverseCookiePath /MYSITE/ /</div>
<div class="gmail_extra"> CacheDisable *</div><div class="gmail_extra"></VirtualHost></div><div>$ service httpd restart</div></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra">
<br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div></div>