[stunnel-users] stunnel-users Digest, Vol 75, Issue 13

Hugo hugo at gkz.fr.nf
Sat Oct 30 22:28:30 CEST 2010


It's what I wanted to do: redirect the public 443 port on the correct local stunnel "accept:" port or service.
I'd set 3 services with 3 different certificates on 3 ports.

By eg, my first domain is ssl.example.com and the second admin.example.com. These two records point on the same IP.
Stunnel has two services on that, so it binds two ports (!=443) (eg, 7100 and 7200)
Is there a way to stunnel (or another program) bind on port 443 and, if user connects on ssl.example.com, forward frames/respond using the service/port 7100, and the same for admin.example.com on 7200?

https://ssl.example.com ==> https://ssl.example.com:7100
https://admin.example.com ==>https://admin.example.com:7200 ?

Thanks

 

Message: 2
Date: Sat, 30 Oct 2010 11:45:19 -0400 (EDT)
From: Jon Daley <stunnel at jon.limedaley.com>
To: stunnel-users at mirt.net
Subject: Re: [stunnel-users] Many services on the same port
	(VirtualHost)
Message-ID: <alpine.DEB.2.00.1010301139120.19689 at orange.limedaley.com>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed

On Sat, 30 Oct 2010, Hugo wrote:

> Does anyone knows a way to make many services listening on the same port?
> I've got one stunnel4 server which allows me to crypt two http servers.
> The first service bind on port 465 and the second on 470.
> What I will is to let user access on the port 465 using 2 different
> ServerNames.
 	I am not sure what you are trying to do.  You want clients to 
connect via https to ports 465 on two different IPs and then stunnel to 
forward them to the appropriate http daemon?
 	I am not sure if stunnel works in that method - that is the 
reverse of what I use stunnel for - I connect via an unencrypted 
connection, and forward via stunnel to an encrypted daemon.
 	And if you are talking about virtually hosting https connections, 
that will work, as long as the certificate contains both servernames - you 
can't use two different certificates, because you don't know which 
certificate to serve until after the connection is encrypted.




-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4398 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20101030/3e0adff6/attachment.bin>


More information about the stunnel-users mailing list