So, my understanding is that I will need one stunnel for each remote web server that my http client is going to connnect to. For example if my http client want to connect to 3 remote web servers. I will need to setup the folllowing stunnels:
Remote https Web Server #1 <------------- Stunnel #1 <---------- http client (http://localhost:81) (port 81) Remote https Web Server #1 <------------- Stunnel #2 <---------- http client (http://localhost:82) (port 82) Remote https Web Server #1 <------------- Stunnel #3 <---------- http client (http://localhost:83) (port 83)
But I will need only one stunnel for my http server as follow:
Remote https client #1 ------------+-----> Stunnel --------------- http server | (port 443) (port 80) Remote https client #2 ------------+ | ..... | | Remote https client #N-------------+
Is the following config file correct for my http server stunnel?
client=no accept=443 connect=localhost:80
Thank you! -Joe
-----Original Message----- From: Christophe Nanteuil [mailto:christophe.nanteuil@gmail.com] Sent: Monday, March 23, 2009 3:19 AM To: Joe Lau Cc: stunnel-users@mirt.net Subject: Re: [stunnel-users] Using stunnel in a box having http client and http server.
2009/3/20 Joe Lau Jlau@extremenetworks.com:
Hello,
Hello,
I am new to this list.
I am planning to use stunnel on my box which has a http client and http server running on it. I will need two stunnel instances, one for the http client and one for the http server respectively.
It seems good.
For my http client, my stunnel config file looks like this:
client=yes accept=80 connect=remote_web_server:443
For my http server, my stunnel config file looks like this:
client=no accept=443
The problem I am facing is now I have two programs (i.e. 1) stunnel for http client and 2) http server) listening to the same port 80. How do I resolve this conflict?
Who is going to connect to your http "client" ? if it is your local browser (which seems the goal of the configuration), then you can configure the client with "accept=81" and then type in your browser's address bar "https://localhost:/81"
-- Christophe Nanteuil
DISCLAIMER: This e-mail and any attachments to it may contain confidential and proprietary material and is solely for the use of the intended recipient. Any review, use, disclosure, distribution or copying of this transmittal is prohibited except by or on behalf of the intended recipient. If you have received this transmittal in error, please notify the sender and destroy this e-mail and any attachments and all copies, whether electronic or printed.
Anoter options for you remote servers is to use other addresses in the 127.0.0.0/8 network, for example
in your host file, you can have
127.0.1.1 secureclient1 127.0.1.2 secureclient2 127.0.1.3 secureclient3
and then in the configurattion file have
secureclient1 ----> https web server 1 secureclient2 -----> https web server 2 secureclient3 -----> https web server 3
With this approach, you don't have to remember to put in the port every time you want to go to the secure server.
Carter
Carter Browne CBCS cbrowne@cbcs-usa.com 781-721-2890
Joe Lau wrote:
So, my understanding is that I will need one stunnel for each remote web server that my http client is going to connnect to. For example if my http client want to connect to 3 remote web servers. I will need to setup the folllowing stunnels:
Remote https Web Server #1 <------------- Stunnel #1 <---------- http client (http://localhost:81) (port 81) Remote https Web Server #1 <------------- Stunnel #2 <---------- http client (http://localhost:82) (port 82) Remote https Web Server #1 <------------- Stunnel #3 <---------- http client (http://localhost:83) (port 83)
But I will need only one stunnel for my http server as follow:
Remote https client #1 ------------+-----> Stunnel --------------- http server | (port 443) (port 80) Remote https client #2 ------------+ | ..... | | Remote https client #N-------------+
Is the following config file correct for my http server stunnel?
client=no accept=443 connect=localhost:80
Thank you! -Joe
-----Original Message----- From: Christophe Nanteuil [mailto:christophe.nanteuil@gmail.com] Sent: Monday, March 23, 2009 3:19 AM To: Joe Lau Cc: stunnel-users@mirt.net Subject: Re: [stunnel-users] Using stunnel in a box having http client and http server.
2009/3/20 Joe Lau Jlau@extremenetworks.com:
Hello,
Hello,
I am new to this list.
I am planning to use stunnel on my box which has a http client and http server running on it. I will need two stunnel instances, one for the http client and one for the http server respectively.
It seems good.
For my http client, my stunnel config file looks like this:
client=yes accept=80 connect=remote_web_server:443
For my http server, my stunnel config file looks like this:
client=no accept=443
The problem I am facing is now I have two programs (i.e. 1) stunnel for http client and 2) http server) listening to the same port 80. How do I resolve this conflict?
Who is going to connect to your http "client" ? if it is your local browser (which seems the goal of the configuration), then you can configure the client with "accept=81" and then type in your browser's address bar "https://localhost:/81"
-- Christophe Nanteuil
DISCLAIMER: This e-mail and any attachments to it may contain confidential and proprietary material and is solely for the use of the intended recipient. Any review, use, disclosure, distribution or copying of this transmittal is prohibited except by or on behalf of the intended recipient. If you have received this transmittal in error, please notify the sender and destroy this e-mail and any attachments and all copies, whether electronic or printed. _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
-
Carter Browne -
Joe Lau