Apparently lighttpd ssl support isn't so flash, I'm been attempting
(I'm a newb) to use stunnel instead, are there any examples? I have a
free startssl cert also (ssl.key / ssl.cert)
What information do I need to setup a reliable connection?
Dear friends,
After reading mailing lists & Web & FAQ I couldn't find answers to these:
stunnel.conf as follows:
debug=7
client = yes
[proxy]
accept=1111
connect=62.215.5.69:8080 (Public SSL Proxy)
protocol=connect
protocolHost=stunnel.mirt.net:443
CLIENT(Browser+Special software)<->firewall<->(Internet)<->Public SSL
Proxy<->WEB SERVER
Public SSL Proxy as follows:
http://tools.rosinstrument.com/raw_free_db.htm?t=2
Only the CLIENT side have stunnel.
After running stunnel 4.34 (Windows binaries).
Then.
Browser http://localhost:1111/
But Sniffer can monitor the command-(CONNECT stunnel.mirt.net:443).
The problem as follows:
Only the CLIENT side can install special software.
Special software including but not limited to stunnel.
If the firewall can block many websites depend on Web IP & URL.
How to pass through the firewall base on Public SSL Proxy?
How to encrypt the URL-(stunnel.mirt.net:443)?
What is the special software?
If stunnel can solve this issue. How to configure?
Best regards,
cpu
Hi,
I have stunnel running in front of HaProxy and everything is working fine
however IE6 users cannot access our HTTPS pages and are instead shown a
'Page cannot be found'. They can access normal pages.
Obviously there's something that stunnel doesn't like about IE6 (who
doesn't) but I'm at a loss as to what changes to make to the stunnel conf.
My conf for stunnel is below:
------------------------------------------------
sslVersion = all
options = NO_SSLv2
fips = no
setuid = root
setgid = stunnel
pid = /var/run/stunnel.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
output = /var/log/stunnel.log
[secure.domain.com]
cert = /usr/local/openssl/certs/secure.domain.com.crt
key = /usr/local/openssl/certs/secure.domain.com.key
accept = X.X.X.X:443
connect = X.X.X.X:81
xforwardedfor = yes
TIMEOUTclose = 0
