Config and logs below but redacted, this is running on 2016 server, if it matters I am starting it over an RDP session
I find that the port is ignored in the config file and it always binds to ports in the 23*** range
; Sample stunnel configuration file by Michal Trojnara 2002-2006 ; Some options used here may not be adequate for your particular configuration
; Certificate/key is needed in server mode and optional in client mode ; The default certificate is provided only for testing and should not ; be used in a production environment ;cert = stunnel.pem ;key = stunnel.pem
; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1
; Workaround for Eudora bug ;options = DONT_INSERT_EMPTY_FRAGMENTS
; Authentication stuff ;verify = 2 ; Don't forget to c_rehash CApath ;CApath = certs ; It's often easier to use CAfile ;CAfile = certs.pem ; Don't forget to c_rehash CRLpath ;CRLpath = crls ; Alternatively you can use CRLfile ;CRLfile = crls.pem
; Some debugging stuff useful for troubleshooting debug = 7 output = /stunnel.log
; Use it for client mode client = yes
; Service-level configuration
[Service Config] accept=127.0.0.1:40001 connect = redacted:443
log file
2020.04.18 10:08:18 LOG7[main]: Dispatching a signal from the signal pipe 2020.04.18 10:08:18 LOG7[main]: Processing SIGNAL_RELOAD_CONFIG 2020.04.18 10:08:18 LOG7[main]: Running on Windows 6.2 2020.04.18 10:08:18 LOG5[main]: Reading configuration from file stunnel.conf 2020.04.18 10:08:18 LOG5[main]: UTF-8 byte order mark detected 2020.04.18 10:08:18 LOG7[main]: Compression disabled 2020.04.18 10:08:18 LOG7[main]: No PRNG seeding was required 2020.04.18 10:08:18 LOG6[main]: Initializing service [Service Config] 2020.04.18 10:08:18 LOG7[main]: Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK 2020.04.18 10:08:18 LOG7[main]: TLSv1.3 ciphersuites: TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256 2020.04.18 10:08:18 LOG7[main]: TLS options: 0x02100004 (+0x00000000, -0x00000000) 2020.04.18 10:08:18 LOG7[main]: No certificate or private key specified
2020.04.18 10:08:18 LOG4[main]: Service [Digital-Prod-MTF-FIX-MD] needs authentication to prevent MITM attacks 2020.04.18 10:08:18 LOG5[main]: Configuration successful 2020.04.18 10:08:18 LOG7[main]: Deallocating section defaults 2020.04.18 10:08:18 LOG5[main]: Logging to C:\Users\turnert\AppData\Local/stunnel.log 2020.04.18 10:08:18 LOG7[main]: Binding service [New Broker FIX Demo-Trading] 2020.04.18 10:08:18 LOG7[main]: Listening file descriptor created (FD=1296) 2020.04.18 10:08:18 LOG7[main]: Setting accept socket options (FD=1296) 2020.04.18 10:08:18 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket 2020.04.18 10:08:18 LOG6[main]: Service [New Broker FIX Demo-Trading] (FD=1296) bound to 127.0.0.1:23471 2020.04.18 10:08:18 LOG7[main]: Binding service [Service Config]
This message and its attachments are confidential, may not be disclosed or used by any person other than the addressee and are intended only for the named recipient(s). If you are not the intended recipient, please notify the sender immediately and delete any copies of this message.
LMAX Group is the holding company of LMAX Exchange, LMAX Global and LMAX Digital. Our registered address is Yellow Building, 1A Nicholas Road, London W11 4AN.