Hi, I have a normal TCP server which listenning to 192.168.1.4:4433 address. the client (192.168.1.5) will connect with the serveur via Port serie .I want to make a root certificate CA, which will generate 2 pairs ( key + certificate) one for the server and one for the client. 1-Root certificate : CA2-Key + certificate:for the Client 3-Key + certificate:for the Server I do not know how to configure the SSL elements in Stunnel, I am using Windows XP.
My config: Stunnel.config for the server: ; Some performance tuningssocket = l:TCP_NODELAY=1socket = r:TCP_NODELAY=1 output = stunnel.log ; Authentication stuffverify = 1 ; It's often easier to use CAfileCAfile = ca.pemcert = stunnel.pem debug = 7;foreground=yes client = no[server]accept = 4433 connect = 192.168.1.4:4433
But doesn't work :(
thanks,
KHALED Khaled Ingénieur de télécommunications et informatique
Date: Tue, 8 Jan 2008 10:29:19 -0800> From: bri@stunnel.org> To: kkhaled@hotmail.fr> CC: stunnel-users@mirt.net; stunnel-users-owner@mirt.net> Subject: Re: [stunnel-users] TCP (Server / Client)> > Sometime near 2008-01-08 10:30 +0100, khaled khaled harangued:> > > I am a new STUNNEL user,I will do 2 secure sockets TCP (Server / Client). I > > would like to know how to set 'stunnel.conf. I tried but it does not work.> > You need to be more clear about > > 1) what IP/Port you want to accept on> 2) if you're accepting cleartext or ssl> > 3) what IP/Port you want to connect to (or prrogam to launch)> 4) if you're sending cleartext or ssl> (this should be the opposite of #2 above)> > > cert = server.crt > > key = serverkey.key> > CAfile = ca.crt> > accept = 192.168.1.4:4433> > connect = 192.168.1.4:4433> > You have stunnel accepting connections and send them to itself.> While a recursive loop may be fun, I doubt it's what you> actually wanted.> > > -- > Brian Hatch Friends come and go,> Systems and but enemies accumulate.> Security Engineer> http://www.ifokr.org/bri/%3E > Every message PGP signed
_________________________________________________________________ Nouveau ! Créez votre profil Messenger ! http://home.services.spaces.live.com/