Hi, I read most of the messages and tutorials, but still I do not seem to get it to work.
I want to achieve the following: Client side: VB application communicating to a SQL server over port 1433. Server side: Lisning on port 1433 that is lisned to by SQL 2005. However this is not allowed evrywhere, so stunnel comes into play.
Client side: VB application communicating to localhost on port 1433 Stunnel installed lisning on port 1433 and passing it on to port 80 (Note for later: I would like to use SSL, so it will pass through routers, But for the test it will suffice to keep it unencrypted. Also the server is still local and could be reached directly. But it should work fine for testing.)
Server: Stunnel installed as service lisning on port 80 and transmitting it to port 1433 (later to be moved to 443, as I also run a HTTP server)
The config file looks like this: ------------------------------------------------- Client: ; Sample stunnel configuration file by Michal Trojnara 2002-2006 ; Some options used here may not be adequate for your particular configuration
; Certificate/key is needed in server mode and optional in client mode ; The default certificate is provided only for testing and should not ; be used in a production environment cert = stunnel.pem ;key = stunnel.pem
; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1
; Workaround for Eudora bug ;options = DONT_INSERT_EMPTY_FRAGMENTS
; Authentication stuff ;verify = 2 ; Don't forget to c_rehash CApath ;CApath = certs ; It's often easier to use CAfile ;CAfile = certs.pem ; Don't forget to c_rehash CRLpath ;CRLpath = crls ; Alternatively you can use CRLfile ;CRLfile = crls.pem
; Some debugging stuff useful for troubleshooting ;debug = 7 ;output = stunnel.log
; Use it for client mode client = yes
; Service-level configuration
[SQLServer] accept = 127.0.0.1:1433 connect = 10.12.18.10:80
------------------------------------------------- Server: ; Sample stunnel configuration file by Michal Trojnara 2002-2006 ; Some options used here may not be adequate for your particular configuration
; Certificate/key is needed in server mode and optional in client mode ; The default certificate is provided only for testing and should not ; be used in a production environment cert = stunnel.pem ;key = stunnel.pem
; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1
; Workaround for Eudora bug ;options = DONT_INSERT_EMPTY_FRAGMENTS
; Authentication stuff ;verify = 2 ; Don't forget to c_rehash CApath ;CApath = certs ; It's often easier to use CAfile ;CAfile = certs.pem ; Don't forget to c_rehash CRLpath ;CRLpath = crls ; Alternatively you can use CRLfile ;CRLfile = crls.pem
; Some debugging stuff useful for troubleshooting ;debug = 7 ;output = stunnel.log
; Use it for client mode ;client = yes
; Service-level configuration
[SQL] accept = 80 connect = localhost:1433
-------------------------------------------------
As you can see, I tried to keep as close to the example file as I could.
Looking forward to getting this to work and then to including ssl...
Kind regards,
Reinier.