Hello,

linux: Linux asus-gonzo 2.6.15-26-686 #1 SMP PREEMPT Thu Aug 3 03:13:28 UTC 2006 i686 GNU/Linux
stunnel: stunnel 4.14 on i486-pc-linux-gnu PTHREAD+POLL+IPv6+LIBWRAP with OpenSSL 0.9.8a 11 Oct 2005
apache: Apache/2.0.55

I am using stunnel in Ubuntu to provide https serving to an http-only Apache installation. The stunnel config is:

cert = /home/gonzo/src/bg/run/SSL/server.crt
key = /home/gonzo/src/bg/run/SSL/server.crt
chroot = /var/run/stunnel4/
setuid = stunnel4
setgid = stunnel4
pid = /stunnel4.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7
output = /var/log/stunnel4/stunnel.log
client = no

[https]
accept = 443
connect = 80
TIMEOUTclose = 0

Everything works perfectly, except for one minor detail: on the server, my PHP scripts do not have access to the real IP address of the client, and they always see this value as 127.0.0.1. I am aware the manual says that, if you use -l or -L, there will be an additional REMOTE_HOST environment variable with the desired IP address, but I am not sure how to make this work from a setup like mine, where the http server process is already running.

Any help or hints are greatly appreciated. Best regards,


-- 
Gonzalo Diethelm
gonzalo.diethelm@aditiva.com