[stunnel-users] stunnel-users Digest, Vol 75, Issue 13

Pierre DELAAGE delaage.pierre at free.fr
Sat Oct 30 22:11:19 CEST 2010


Hugo,
You have all the answers in my previous mail, although "summarized".
Anyway, please have a look at this:

When you say "if user connects on ssl.example.com, <stunnel> forward frames"
THEN you understand that you need SOMETHING to INTERCEPT AND REDIRECT 
the request of the client to the host "ssl.example.com" to YOUR stunnel 
GATEWAY (supposed on localhost),
RIGHT ?

So there must be something like iptables or a trick in DNS client or 
something like your own DNS server on local network to do that job.
Tricking /windows/system32/drivers/etc/host file is a way to achieve 
this step.

Then have a stunnel having 3 services declared and so on ...

Pierre

On 30/10/2010 22:28, Hugo wrote:
> It's what I wanted to do: redirect the public 443 port to the correct local stunnel "accept:" port or service.
> I'd set 3 services with 3 different certificates on 3 ports.
>
> E.g., my first domain is ssl.example.com and the second admin.example.com. These two records point to the same IP.
> Stunnel has two services on that, so it binds two ports (!=443) (e.g., 7100 and 7200).
> Is there a way for stunnel (or another program) to bind on port 443 and, if a user connects on ssl.example.com, forward frames/respond using the service/port 7100, and the same for admin.example.com on 7200?
>
> https://ssl.example.com ==> https://ssl.example.com:7100
> https://admin.example.com ==> https://admin.example.com:7200 ?
>
> Thanks
>
> Message: 2
> Date: Sat, 30 Oct 2010 11:45:19 -0400 (EDT)
> From: Jon Daley <stunnel at jon.limedaley.com>
> To: stunnel-users at mirt.net
> Subject: Re: [stunnel-users] Many services on the same port (VirtualHost)
> Message-ID: <alpine.DEB.2.00.1010301139120.19689 at orange.limedaley.com>
> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
>
> On Sat, 30 Oct 2010, Hugo wrote:
>
>> Does anyone know a way to make many services listen on the same port?
>> I've got one stunnel4 server which allows me to crypt two http servers.
>> The first service binds on port 465 and the second on 470.
>> What I want is to let users access port 465 using 2 different
>> ServerNames.
>   	I am not sure what you are trying to do.  You want clients to
> connect via https to ports 465 on two different IPs and then stunnel to
> forward them to the appropriate http daemon?
>   	I am not sure if stunnel works in that method - that is the
> reverse of what I use stunnel for - I connect via an unencrypted
> connection, and forward via stunnel to an encrypted daemon.
>   	And if you are talking about virtually hosting https connections,
> that will work, as long as the certificate contains both servernames - you
> can't use two different certificates, because you don't know which
> certificate to serve until after the connection is encrypted.
