stunnel-users September 2009

stunnel-users@stunnel.org

13 participants
13 discussions

Stunnel 4 failing to connect to gmail
by Asif Iqbal 11 Dec '20

11 Dec '20

I am faling to connect to gmail. Not sure what that bind error means. iqbala@ghar:~$ sudo stunnel4 2008.12.15 13:53:17 LOG7[3839:3083650736]: Snagged 64 random bytes from /home/iqbala/.rnd 2008.12.15 13:53:17 LOG7[3839:3083650736]: Wrote 1024 new random bytes to /home/iqbala/.rnd 2008.12.15 13:53:17 LOG7[3839:3083650736]: RAND_status claims sufficient entropy for the PRNG 2008.12.15 13:53:17 LOG7[3839:3083650736]: PRNG seeded successfully 2008.12.15 13:53:17 LOG7[3839:3083650736]: Certificate: … [View More]

5 9

Re: [stunnel-users] Stunnel on the same machine
by subrata＠indiatimes.com 01 Aug '11

01 Aug '11

The configuration files are : pid = /var/stunnel.pid ;chroot = /var/lib/stunnel setuid = nobody setgid = nobody foreground =yes ; Use it for client mode client = yes ; Service-level configuration [pop3s] accept = 995 connect = 110 [imaps] accept = 993 connect = 143 [ssmtp] accept = 465 connect = 25 [mysqls] accept = 3307 connect = 192.168.1.6:3307 On 192.168.1.6 ---------------------- pid = /var/stunnel.pid setuid =nobody setgid = nobody foreground = yes client = no ; Service-… [View More]

3 3

Re: [stunnel-users] rewrite Destination: when rewriting Host:
by Brian Hatch 07 Oct '09

07 Oct '09

Sometime near 2007-11-11 00:15 -0500, Marcio Marchini shouted: > Researching online one can see that WebDAV's spec requires that they > check both src and dest URLs for protocol & port. But with some proxies or > SSL fronts like stunnel, only one of the URLs is rewritten, so one goes as > http and the other as https. Here's one person explaining it, much better > than me: http://svn.haxx.se/users/archive-2006-03/0549.shtml Stunnel doesn't currently have the ability to … [View More]

3 2

Weird verify behaviour using intermediate CAs
by Simon Vallet 05 Oct '09

05 Oct '09

Hi, we're trying to make use of stunnel here for proxy purposes : any certificate-authenticated SSL client connection from the Internet would be forwarded to some internal server. This works fine, but I found some surprising behaviour when verifying client certificates. Consider the following setup, using an intermediate client CA : * RootCA ** UserCA1 *** UserCert1 ** UserCA2 *** UserCert2 To make this work, it seems I only have to include the Root CA certificate in either a CAfile or a … [View More]

2 6

Advanced Config Question-
by Dave Fazio 30 Sep '09

30 Sep '09

Group, Need help confirming Stunnel can be configured the following way: I have a server that has 5 local IPs, mapping to 5 public IPs on the outside. For example purposes, my local IPs are "A", "B", "C", "D", and "E"... If I connect to a stunnel port configured to "C", will Stunnel route the request outbound on "C" or will it use "A" outbound? The way I have it configured, it's using "A" apparently, no matter what local stunnel IP I bind my connection to. And help will be greatly … [View More]

2 2

SMTP AUTH with stunnel?
by conover＠rahul.net 30 Sep '09

30 Sep '09

Can stunnel be used for a local smtp server, that does not support upstream SMTP AUTH, to connect to an smtp server that requires it? Thanks, John -- John Conover, conover(a)rahul.net, http://www.johncon.com/

2 1

Problems implementing certificate
by Marcelo Iturbe 15 Sep '09

15 Sep '09

Hello, I am using Stunnel 4.27 binary version on Windows 2003 server. In the stunnel.pam file I did the following: In the -----BEGIN RSA PRIVATE KEY----- section, I placed the same text that appeared in the -----BEGIN NEW CERTIFICATE REQUEST----- when I purchased the certificate In the -----BEGIN CERTIFICATE----- section I placed what verisign returned to me. When I try to load Stunnel I get the following error messages: : RAND_status claims sufficient entropy for the PRNG : PRNG seeded … [View More]

1 0

Re: [stunnel-users] Stunnel Certificate generation
by Alaric Dailey 10 Sep '09

10 Sep '09

You can modify your stunnel.conf, there are lots of examples on the web to do that. Please don't use self-signed certs, you will have no end of issues, and there is NO reason to. StartCom offers free certificates, is in most browsers now, and will be included in IE by the end of September. http://blog.startcom.org/?p=205 So why would you create the headaches of using self-signed certs? Original Message ----------------------- Hi, I would like to know whether it is possible to automate … [View More]

2 1

Stunnel Certificate generation
by Matty Ronald 09 Sep '09

09 Sep '09

Hi, I would like to know whether it is possible to automate the process of generating stunnel.pem. During the make install we get questions like: Generating a 1024 bit RSA private key ..................++++++ .........++++++ writing new private key to 'stunnel.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave … [View More]

1 0

using stunnel in HP UX 11i v3
by Mostafa Arab 09 Sep '09

09 Sep '09

Hi Sorry for my question because it is too elementary but I need some help. I want to use stunnel for one of our projects on an HP Itanium server that have HP UX 11i v3 This is result for #uname –a command : HP-UX xxxxx B.11.31 U ia64 2210092972 unlimited-user license I want to start stunnel as client . I found an stunnel in ‘/opt/hpws/apache’ folder. 1- May I use this stunnel for my project? 2- If it is possible how I can start it ? I added one line to /etc/services and tried … [View More]

2 1

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

stunnel-users September 2009