[stunnel-users] Connecting to stunnel with SQLServer

Mohit Anchlia mohitanchlia at gmail.com
Fri Jun 25 21:23:57 CEST 2010


Has anyone else tried using Java SSL or anything using Java that will
not require stunnel on the client side?

On Fri, Jun 25, 2010 at 12:13 PM, Carter Browne <cbrowne at cbcs-usa.com> wrote:
> On 6/24/2010 11:00 PM, Mohit Anchlia wrote:
>> On Thu, Jun 24, 2010 at 10:27 AM, Carter Browne <cbrowne at cbcs-usa.com> wrote:
>>
>>> On 6/24/2010 12:09 PM, Mohit Anchlia wrote:
>>>
>>>> On Thu, Jun 24, 2010 at 5:14 AM, Carter Browne <cbrowne at cbcs-usa.com> wrote:
>>>>
>>>>
>>>>> It is very easy to do if you have stunnel running on both ends.  On the
>>>>> client side in the configuration file you could have:
>>>>>
>>>>> [MSSQL-OUT]
>>>>> accept = localhost:1433
>>>>> connect = remote:20000
>>>>> client = yes
>>>>>
>>>>>
>>>> Thanks. So if I have stunnel running on both ends how do I connect to
>>>> SQL server? Just open a JDBC connection on the local port and it will
>>>> automatically connect on the remote side?
>>>>
>>>>
>>> In this example, I would define an alias using the configuration manager
>>> giving it your name for the data base, and having it connect to port
>>> 1433 on localhost.  For my systems,
>>> I usually use a dummy name defined in the 127.0.0.0/8 net and some port
>>> other than 1433.  This approach does require stunnel on both ends.  I
>>> haven't tried any other approaches.
>>> MS SQL server does have some options for encrypting the traffic as well
>>> - I did not think they would work for my mixed Linux/Windows
>>> environment, but it might work for your environment.
>>>
>>>
>>>
>>>> Also, are there any other options? We have 20 servers from which we
>>>> need to connect. I was trying to avoid install of another binary and
>>>> relying on it for being up and running. Is it possible to use Java
>>>> SSL? Or is that too complicated and not proven to work? Not sure if
>>>> there is any other option.
>>>>
>>>>
>>>>
>>>>> on the remote side have:
>>>>>
>>>>> [MSSQL-IN]
>>>>> accept = 20000
>>>>> connect = 1433
>>>>> client = no
>>>>>
>>>>> In this example port 20000 would have to be open to any firewalls
>>>>> including the Windows firewall and assumes you are using the standard
>>>>> MSSQL port on the server.
>>>>>
>>>>> You would probably want to use the SQL Server Configuration Manager on
>>>>> the client computer to add an alias for your data base.
>>>>>
>>>>>
>> Our client will be on Linux box. I am trying to understand if I am
>> using JDBC the connection URL is something like:
>>
>> jdbc:sqlserver://[serverName[\instanceName][:portNumber]][;property=value[;property=value]]
>>
>> So if I use stunnel on both sides then how will this work? What will I
>> give in my connection string?
>>
>
> I don't have a Java DB connection, so I cannot speak from experience.
> For both the Windows and the Linux ODBC drivers, using the example above
> the server name would be
> localhost:1433.  The Instance name and any properties that you send
> would not change.  Again, using the values in the example, stunnel is
> simply mapping localhost:1433 to remote:1433.
>
> Carter
>>
>>>>> Carter
>>>>>
>>>>> Carter Browne
>>>>> CBCS
>>>>> cbrowne at cbcs-usa.com
>>>>> 781-721-2890
>>>>>
>>>>>
>>>>> On 6/23/2010 11:32 PM, Mohit Anchlia wrote:
>>>>>
>>>>>
>>>>>> We have a requirement to connect to a SQLServer that is connected
>>>>>> through stunnel on the other end. Can I use java SSL to talk to
>>>>>> stunnel? What are my options?
>>>>>> _______________________________________________
>>>>>> stunnel-users mailing list
>>>>>> stunnel-users at mirt.net
>>>>>> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>



More information about the stunnel-users mailing list