Hello ,
Thanks @Peter
I'm trying to configure to connect with my PC to this Public server https://ctm.omgeo.net using TLS1.2 but i don't can.
I'm need setup stunnel for old application doesn't support TLS , and this application need connect with this public server to send data.
I'm using the Peter config , but nothing . I try this config :
[omgeo] client = yes accept = 127.0.0.1:19201 connect = ctm.omgeo.net:443 verify = 2 CApath = /etc/ssl/certs/
I'm using Curl to try connect , I'm recive this error
/etc/ssl/certs# curl -v https://127.0.0.1:19201 * Rebuilt URL to: https://127.0.0.1:19201/ * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 19201 (#0) * found 148 certificates in /etc/ssl/certs/ca-certificates.crt * found 592 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * gnutls_handshake() failed: The TLS connection was non-properly terminated. * Closing connection 0 curl: (35) gnutls_handshake() failed: The TLS connection was non-properly terminated.
whitout STUNNEL , i recived this OUTPUT : curl -v https://ctm.omgeo.net * Rebuilt URL to: https://ctm.omgeo.net/ * Trying 88.221.6.124... * Connected to ctm.omgeo.net (88.221.6.124) port 443 (#0) * found 148 certificates in /etc/ssl/certs/ca-certificates.crt * found 592 certificates in /etc/ssl/certs * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384 * server certificate verification OK * server certificate status verification SKIPPED * common name: *.omgeo.net (matched) * server certificate expiration date OK * server certificate activation date OK * certificate public key: RSA * certificate version: #3 * subject: C=US,ST=Massachusetts,L=Boston,O=Omgeo LLC,CN=*.omgeo.net * start date: Fri, 21 Jul 2017 00:00:00 GMT * expire date: Sat, 20 Oct 2018 23:59:59 GMT * issuer: C=US,O=Symantec Corporation,OU=Symantec Trust Network,CN=Symantec Class 3 Secure Server CA - G4 * compression: NULL * ALPN, server accepted to use http/1.1
GET / HTTP/1.1 Host: ctm.omgeo.net User-Agent: curl/7.47.0 Accept: */*
< HTTP/1.1 302 Moved Temporarily < Location: /cleartrust/ct_logon.jsp < Content-Length: 0 < Date: Mon, 05 Mar 2018 11:31:09 GMT < Connection: keep-alive < Set-Cookie: Actrust-session-v001d=aHR0cHM6Ly9jdG0ub21nZW8ubmV0OjQ0My9pbmRleC5odG1s; secure; domain=.omgeo.net; path=/ < * Connection #0 to host ctm.omgeo.net left intact
Many Thanks
Regards
On 02/02/18 14:10, peter@easthope.ca wrote:
From: Carlos Castro carlos.castro.guerrero@gmail.com Date: Fri, 2 Feb 2018 12:04:08 +0100
I have older application and now I need connect with external server HTTPS using TLS . My application doesn't support with TLS and I think use Stunnel to connect with this Server HTTPS.
Same requirement here. Have you tried this configuration?
; yourhost:/etc/stunnel4/stunnel.conf ... [https] client = yes accept = 443 transparent = destination
Regards, ... Peter E.