On Mon, 04 Mar 2013 11:01:37 +0200 "jmwb@webmail.co.za" jmwb@webmail.co.za wrote:
Hi,
Please could you tell me if Stunnel supports HTTPS on the client-side i.e. a true SSL proxy with client-side SSL and server-side SSL (or if anyone has developed a version that does)?
I have tried searching for this without luck because it is difficult to narrow down the search criteria e.g. Stunnel is already cited as an SSL proxy.
jmwb
Hi,
Stunnel is a proxy itself, or a tunnel, as you whish. A secure transparent proxy/tunnel for non-capable SSL/secure applications.
A simple example. Imagine you can't use, for whatever reason, SSL with your web browser (or other application but I'll use a web example) and your web server.
You'll need to create in the Stunnel.conf in the client side a client service as:
[my_client] client = yes ; just a random port where the web browser will connect accept = 127.0.0.1:8523 ; address of web server IP or hostname, web SSL port 443 or other ;random depending on your needs connect = webserver:443
In the server side...:
[my_server] client = no accept = webserver:443 ; address or hostname and port where the web server accepts ; connections connect = webserver:45689
With this configuration, there is a transparent SSL proxy/tunnel between the non-capable SSL browser and the non-capable SSL web server. All SSL dialog is made between the both instances of stunnel (client and server side). Also, you can configure them to use certificates (no need to use browser insalled certificates for example).
Hope this can help. It is quite easy. For further configurations, just check the manual. It is almost all there. And/or lots of examples around the web.
Regards.