Accept does takes the ip :
*accept = address*
accept connections on specified address
*If no host specified, defaults to all IPv4 addresses for the local host.*
To listen on all IPv6 addresses use:
connect = :::port
And having a port different than 443 is not acceptable. (lot of accept word :D)
Thomas.
On Fri, Feb 10, 2012 at 22:17, Kevin Decherf kevin@kdecherf.com wrote:
On Fri, Feb 10, 2012 at 10:09 PM, Thomas Manson < dev.mansonthomas@gmail.com> wrote:
Hi,
I want to setup the following architecture :
stunnel ---> haproxy --> 2 webserver.
I run severa virtual host on the 2 webservers, and a subset of them needs https.
I can allocate several IP address for the host that run stunnel.
How do I configure a single stunnel process to have a certificate per IP for the port https?
I tryed to add several section like the following :
[mansonthomas.com] cert = /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt accept = 88.190.17.222:443 connect = 127.0.0.1:82
xforwardedfor = yes TIMEOUTclose = 0
So the question is : Is it possible ? do you have a sample configuration file to share for this use case?
Hi,
I don't know if 'accept' supports IP but you can use several ports on the same IP and redirect these ports with iptables to the dedicated IP
Kevin Decherf - M: +33 681194547 - T: @Kdecherf
stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users