Hi all,
I have a situation where I’m trying to use sTunnel as the client to connect to a service on a secure URL, but the hiccup is that the secure URL is load balanced.
If a do an nslookup on the URL, the response comes back as it being an alias.
Non-authoritative answer:
Name: eu1571393051174.ssl.ondemand.
com Address: 155.56.210.164
Aliases: l4884-iflmap.hcisbp.eu1.hana.
ondemand.com
Looking at the sTunnel log, it resolves to the IP of the server. But the IP itself does not host the service so I’m getting http:503 errors.
2018.03.16 14:44:44 LOG7[18796]: Service [ssl-OSRdev] (FD=564) bound to 0.0.0.0:8085
2018.03.16 14:44:55 LOG7[18796]: Service [ssl-OSRdev] accepted (FD=572) from 192.168.0.22:61093
2018.03.16 14:44:55 LOG7[18796]: Creating a new thread
2018.03.16 14:44:55 LOG7[18796]: New thread created
2018.03.16 14:44:55 LOG7[30864]: Service [ssl-OSRdev] started
2018.03.16 14:44:55 LOG5[30864]: Service [ssl-OSRdev] accepted connection from 192.168.0.22:61093
2018.03.16 14:44:55 LOG6[30864]: s_connect: connecting 155.56.210.164:443
2018.03.16 14:44:55 LOG7[30864]: s_connect: s_poll_wait 155.56.210.164:443: waiting 10 seconds
2018.03.16 14:44:56 LOG5[30864]: s_connect: connected 155.56.210.164:443
2018.03.16 14:44:56 LOG5[30864]: Service [ssl-OSRdev] connected remote server from 192.168.0.32:30269
2018.03.16 14:44:56 LOG7[30864]: Remote socket (FD=588) initialized
2018.03.16 14:44:56 LOG7[30864]: SNI: sending servername: l4884-iflmap.hcisbp.eu1.hana.
ondemand.com 2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): before/connect initialization
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv2/v3 write client hello A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server hello A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server certificate A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server key exchange A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server certificate request A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server done A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write client certificate A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write client key exchange A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write certificate verify A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write change cipher spec A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write finished A
2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 flush data
2018.03.16 14:44:57 LOG7[30864]: SSL state (connect): SSLv3 read finished A
2018.03.16 14:44:57 LOG7[30864]: 1 items in the session cache
2018.03.16 14:44:57 LOG7[30864]: 1 client connects (SSL_connect())
2018.03.16 14:44:57 LOG7[30864]: 1 client connects that finished
2018.03.16 14:44:57 LOG7[30864]: 0 client renegotiations requested
2018.03.16 14:44:57 LOG7[30864]: 0 server connects (SSL_accept())
2018.03.16 14:44:57 LOG7[30864]: 0 server connects that finished
2018.03.16 14:44:57 LOG7[30864]: 0 server renegotiations requested
2018.03.16 14:44:57 LOG7[30864]: 0 session cache hits
2018.03.16 14:44:57 LOG7[30864]: 0 external session cache hits
2018.03.16 14:44:57 LOG7[30864]: 0 session cache misses
2018.03.16 14:44:57 LOG7[30864]: 0 session cache timeouts
2018.03.16 14:44:57 LOG7[30864]: Peer certificate was cached (3826 bytes)
2018.03.16 14:44:57 LOG6[30864]: SSL connected: new session negotiated
2018.03.16 14:44:57 LOG6[30864]: Negotiated TLSv1/SSLv3 ciphersuite: ECDHE-RSA-AES128-GCM-SHA256 (128-bit encryption)
2018.03.16 14:44:57 LOG6[30864]: Compression: null, expansion: null
2018.03.16 14:44:58 LOG6[30864]: SSL socket closed (SSL_read)
2018.03.16 14:44:58 LOG7[30864]: Sent socket write shutdown
2018.03.16 14:44:58 LOG5[30864]: Connection closed: 1730 byte(s) sent to SSL, 274 byte(s) sent to socket
2018.03.16 14:44:58 LOG7[30864]: Remote socket (FD=588) closed
2018.03.16 14:44:58 LOG7[30864]: Local socket (FD=572) closed
2018.03.16 14:44:58 LOG7[30864]: Service [ssl-OSRdev] finished (0 left)
2018.03.16 14:44:58 LOG7[30864]: str_stats: 3 block(s), 4294962489 data byte(s), 150 control byte(s)
2018.03.16 14:44:58 LOG7[30864]: str_stats: 20 byte(s) at ..\src\network.c:413
2018.03.16 14:44:58 LOG7[30864]: str_stats: 20 byte(s) at ..\src\network.c:412
2018.03.16 14:44:58 LOG7[30864]: str_stats: 20 byte(s) at ..\src\network.c:411
I have tested the service using SoapUI and it works.
Is it possible to have sTunnel follow the URL redirection?
Regards, Tony
_______________________________________________
stunnel-users mailing list
stunnel-users@stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel- users