"Bansal, Gaurav (Gaurav)" gbansal@avaya.com wrote:
We are planning to use Stunnel to encrypt traffic between Apache mod_jk and AJP connector of JBoss Tomcat.
Using stunnel does not create a derivative work. GPL license does not restrict the way you *use* stunnel. It only restricts the way you distribute it.
It seems that Stunnel uses OpenSSL APIs. Since Stunnel is available under GPL license, the license terms prevents us from using Stunnel in our product since it exposes OpenSSL which is also available under GPL license.
Your product "exposes OpenSSL"? I'm not sure what you mean. AFAIK OpenSSL is not available under GPL license.
I would like to know if there is also a commercial license available for stunnel? I would appreciate if you can throw pointers on how to package Stunnel with a commercial product.
You can package stunnel with a commercial product as long as it does not create a derivative work. Roughly speaking creating derivative work is linking your code against stunnel. See GPL license for the detailed description.
Yes - commercial licenses are available, but it looks like you don't need one.
We would distribute stunnel binary along with our product. Given the scenario I have mentioned do you foresee legal problems in usage of stunnel.
Just make sure to distribute stunnel source and its license along with your product.
Specifically I am concerned if Stunnel states that compiling, linking, and/or using OpenSSL is allowed
Stunnel license allows linking with OpenSSL. See: http://stunnel.mirt.net/?page=license
Best regards, Mike