I am deploying connection between on premise database with BI application on cloud. Currently the on premise database connecting via jdbc driver and it not supporting encryption. As per my understanding Stunnel opens port listening on http:127.0.0.1 ( as local) and forward traffic to destination over https using TLSv1.2. I have few question on this , to protect on network level, 1- can I use dante socks proxy along with Stunnel to provide 2 layer of protection? On-prem --- cloud ( 2 layer of protection) -- dante socks ( unencrypted tunnel) -- Stunnel ( e2e Encryption) 2- will it supporting CA other than openSsl