Hi All,
I am fairly new to stunnel and also to networking concepts.
Currently we are working on a surveillance device running MontaVista Linux on the ARM11 architecture. We have cross-compiled and deployed a THTTPD server, which is working fine. Once you connect to the device using any web client (from a Windows PC), it takes you to a web page where you can select and stream live video from all the cameras connected to the device. So far everything is working fine.
Now the real problem is that we need to support HTTPS as well as HTTP. Since the THTTPD web server doesn't support secure connections, we thought we would accomplish that using the stunnel application. We were able to download and cross-compile the stunnel application for the device.
Now the doubts I have here are:
1) Do we need a stunnel server application running on the Windows PC from which we will be using the web browser to connect to the client?
2) Where should the stunnel server and stunnel client be running? I mean, should the Linux device be running the stunnel client and the Windows PC be running the stunnel server? In that case, what should be the correct accept and connect parameters in the stunnel.conf file on both the device and the Windows PC?
3) Since the device and the machine can have any random IP and port, is it feasible to dynamically set the accept and connect parameters in the stunnel.conf file?
4) Can stunnel be considered a solution to the problem which I have reported here? Point 3 above makes me think otherwise.
I have tried all the combinations mentioned in points 1 and 2 without success. In none of the cases was my web browser able to talk to the device using HTTPS (i.e. https://my_device_ip). I could see a "client hello" request from the browser, to which the client sends an ACK and RST. In some combinations an HTTPS request from the browser only triggered a TCP connection request, to which the client responded with ACK and RST.
Sorry for the long mail. Any inputs would be deeply appreciated.
Regards,
Siva