On Tuesday 27 of September 2005 03:06, Revelancefound@aol.com wrote:
It seems that stunnel does not encrypt outward traffic from my pc. I was able to get stunnel to work in the first place by having different proxies for each protocol.
[cut]
To my disappointment, the sniffer picked up my username and password in plain text through HTTP protocol several times.
[cut]
; Use it for client mode client = yes
What's the reason to use client mode stunnel for http? Most web browsers support http natively.
[https] accept = 127.0.0.1:443 connect = httpsupportingproxy2:6588 TIMEOUTclose = 0
The port is also confusing. Since you use client mode your httpsupportingproxy2:6588 should be an SSL-enabled server and 127.0.0.1:443 is a plain http service, isn't it?
verify = 0
And to have a certificate-based authentication it's a good idea to turn it on. SSL is vulnerable to main-in-the-middle attacks, otherwise.
Best regards, Mike