<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    Hi All ,<br>
    it's mandatory for use stunnel wich the infrastructure has client
    stunnel and server stunnel ??<br>
    <br>
    Or I can have client stunnel vs Web server HTTPS without stunnel
    server , only web server https .<br>
    <br>
    I newbie in stunnel , but i think is  mandatory install stunnel in
    both sites , that's is correct?<br>
    <br>
    Regards<br>
    <br>
    <br>
    <div class="moz-cite-prefix">On 05/03/18 20:23, Carlos Castro wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:59947d28-4807-6b52-2a1c-eb9e2f5a6cf7@gmail.com">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      <p>Thanks @Mike</p>
      <p>If possible use Squid  + stunnel  to solve the problem with
        host header? The application is very very old .</p>
      <p>Thanks<br>
      </p>
      <br>
      <div class="moz-cite-prefix">On 05/03/18 20:06, Mike Spooner
        wrote:<br>
      </div>
      <blockquote type="cite"
        cite="mid:65560381.2.1520276818821.JavaMail.mike.spooner.ux@gmail.com">
        <p>The problem is the "Host: ..." header that is being sent to
          the remote server. You need to configure 127.0.0.1:19021 as a
          proxy in your app (and curl) and then have the app (curl)
          fetch <a class="moz-txt-link-freetext"
            href="https://ctm.omego.net" moz-do-not-send="true">https://ctm.omego.net</a><br>
        </p>
        <p> <br>
        </p>
        <p>Not sure how to do that in curl, but search the curl manpage
          for any mentions of "proxy".<br>
          <br>
        </p>
        <p>-- Mike Spooner<br>
          <br>
        </p>
        <div class="dm__nested">
          <div class="dm__nested_header">--------- Original Message
            ---------<br>
            <b>From</b>: Carlos Castro <carlos.castro.guerrero@gmail.com><br>
              <b>Date</b>: Mon Mar 05 12:28:15 GMT+00:00 2018<br>
              <b>Subject</b>: Re: [stunnel-users] Connect using TLS with
              public Web Server<br>
            </carlos.castro.guerrero@gmail.com></div>
          Hello<br>
          <br>
          Thanks @Peter<br>
          <br>
          <br>
          Yes , my application not support TLS and I need the
          application connect <br>
          using TLS , for this i using stunnel (i hope)<br>
          <br>
          When I make curl -v <a class="moz-txt-link-freetext"
            href="http://127.0.0.1:19021" moz-do-not-send="true">http://127.0.0.1:19021</a> 
          :<br>
          <br>
          curl -v <a class="moz-txt-link-freetext"
            href="http://127.0.0.1:19201" moz-do-not-send="true">http://127.0.0.1:19201</a><br>
          * Rebuilt URL to: <a class="moz-txt-link-freetext"
            href="http://127.0.0.1:19201/" moz-do-not-send="true">http://127.0.0.1:19201/</a><br>
          *   Trying 127.0.0.1...<br>
          * Connected to 127.0.0.1 (127.0.0.1) port 19201 (#0)<br>
          > GET / HTTP/1.1<br>
          > Host: 127.0.0.1:19201<br>
          > User-Agent: curl/7.47.0<br>
          > Accept: */*<br>
          ><br>
          * HTTP 1.0, assume close after body<br>
          < HTTP/1.0 400 Bad Request<br>
          < Server: AkamaiGHost<br>
          < Mime-Version: 1.0<br>
          < Content-Type: text/html<br>
          < Content-Length: 208<br>
          < Expires: Mon, 05 Mar 2018 12:25:53 GMT<br>
          < Date: Mon, 05 Mar 2018 12:25:53 GMT<br>
          < Connection: close<br>
          <br>
          The web ctm.omgeo.net only works in mode HTTPS , .<br>
          <br>
          Thanks Peter<br>
          <br>
          <br>
          On 05/03/18 13:22, Peter Pentchev wrote:<br>
          > On Mon, Mar 05, 2018 at 12:32:41PM +0100, Carlos Castro
          wrote:<br>
          >> Hello ,<br>
          >><br>
          >> Thanks @Peter<br>
          >><br>
          >> I'm trying to configure to connect with my PC to this
          Public server<br>
          >> <a class="moz-txt-link-freetext"
            href="https://ctm.omgeo.net" moz-do-not-send="true">https://ctm.omgeo.net</a>
          using TLS1.2 but i don't can.<br>
          >><br>
          >> I'm need setup stunnel for old application doesn't
          support TLS , and this<br>
          >> application need connect with this public server to
          send data.<br>
          >><br>
          >><br>
          >> I'm using the Peter config , but nothing . I try this
          config :<br>
          >><br>
          >> [omgeo]<br>
          >> client = yes<br>
          >> accept = 127.0.0.1:19201<br>
          >> connect = ctm.omgeo.net:443<br>
          >> verify = 2<br>
          >> CApath = /etc/ssl/certs/<br>
          >><br>
          >><br>
          >> I'm using Curl to try connect  , I'm recive this
          error<br>
          >><br>
          >> /etc/ssl/certs# curl -v <a
            class="moz-txt-link-freetext" href="https://127.0.0.1:19201"
            moz-do-not-send="true">https://127.0.0.1:19201</a><br>
          > Maybe I'm reading this wrong, but if your client
          application does not<br>
          > support TLS, then it won't speak HTTPS, it would speak
          plain HTTP.<br>
          > That's what the configuration you're using does - it
          tells stunnel to<br>
          > run in client mode, i.e. something will connect to
          stunnel using<br>
          > an unencrypted connection and stunnel will connect to a
          TLS server<br>
          > (in this case an HTTPS server).<br>
          ><br>
          > So what happens when you try almost the same query, but
          with the "http"<br>
          > scheme instead of the "https" one?<br>
          ><br>
          > curl -v <a class="moz-txt-link-freetext"
            href="http://127.0.0.1:19201" moz-do-not-send="true">http://127.0.0.1:19201</a><br>
          ><br>
          > G'luck,<br>
          > Peter<br>
          ><br>
          <br>
          _______________________________________________<br>
          stunnel-users mailing list<br>
          <a class="moz-txt-link-abbreviated"
            href="mailto:stunnel-users@stunnel.org"
            moz-do-not-send="true">stunnel-users@stunnel.org</a><br>
          <a class="moz-txt-link-freetext"
            href="https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users"
            moz-do-not-send="true">https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users</a><br>
        </div>
      </blockquote>
      <br>
    </blockquote>
    <br>
  </body>
</html>