[stunnel-users] Can this be done by Stunnel
Thomas Eifert
kxkvi at wi.rr.com
Fri Mar 23 04:18:06 CET 2012
Alan;
While I don't generally use Stunnel for HTTPS, I found your question
interesting. Since I'm always trying
to experiment with configurations of and applications for Stunnel, I
decided to give it a whirl.
I'm happy to confirm that it works just fine for me. I'm not connecting
to the site in your example,
but the principle is the same. Perhaps the answer lies in how your
browser parses that URL,
and how, as a result, it inserts that data into the stream.
For the experiment, I used Firefox 9.0.1 running under Windows XP x86
with Stunnel version 4.53.
My test config was:
debug = 6
fips = no
delay = yes
output = stunnel.log
[https]
client = yes
accept = 127.0.1.21:7777
connect = www.host.domain:443
Where www.host.domain is just an example. As you can see, I did not
include any
TIMEOUTclose statement in my config file.
Then I pointed the browser at
http://127.0.1.21:7777/do/mypage/longparameterstringhere.
As far as I can tell, all of the parameters contained in that string
were passed on to the web site without
any difficulty.
You might want to check your log window to see what's happening when you
try to connect via Stunnel.
Here's an actual example of the connection activity from my log:
2012.03.22 21:20:51 LOG5[992:2548]: Service [https] accepted connection
from ***.**.***.*:2671
2012.03.22 21:20:51 LOG6[992:2548]: connect_blocking: connecting
***.***.***.***:443
2012.03.22 21:20:51 LOG5[992:2548]: connect_blocking: connected
***.***.***.***:443
2012.03.22 21:20:51 LOG5[992:2548]: Service [https] connected remote
server from ***.**.***.*:2672
2012.03.22 21:20:51 LOG6[992:2548]: SSL connected: new session negotiated
2012.03.22 21:20:51 LOG6[992:2548]: Negotiated TLSv1/SSLv3 ciphersuite:
RC4-SHA (128-bit encryption)
2012.03.22 21:20:51 LOG6[992:2548]: Compression: null, expansion: null
2012.03.22 21:21:00 LOG6[992:2548]: SSL_shutdown successfully sent
close_notify alert
2012.03.22 21:21:00 LOG5[992:2548]: Connection closed: 1879 byte(s) sent
to SSL, 128546 byte(s) sent to socket
If you have to post again, it would be helpful if you included more detail.
Good luck with your application!
Thomas
On 3/21/2012 9:50 AM, Alan C. Bonnici wrote:
>
> Hi,
>
> I am new to STunnel. I am trying to connect to a service provided by
> nexmo.com.
>
> If from a browser I type the following:
>
> https://rest.nexmo.com/sms/xml?username=xxxxxxx&password=xxxxx&from=xxxxxxx&to=xxxxxxx&text=xxxxxxxxxx
> <https://rest.nexmo.com/sms/xml?username=xxxxxxx&password=xxxxx&from=xxxxxxx&to=xxxxxxx&text=xxxxxxxxxx>
>
> The process works.
>
> I just installed stunnel and have the following config file
>
> ; Debugging stuff (may useful for troubleshooting)
>
> ;debug = 7
>
> ;output = stunnel.log
>
> ; Certificate/key is needed in server mode and optional in client mode
>
> cert = stunnel.pem
>
> ;key = stunnel.pem
>
> ; Disable support for insecure SSLv2 protocol
>
> options = NO_SSLv2
>
> [nexmo]
>
> client = yes
>
> accept = 9012
>
> connect = rest.nexmo.com:443
>
> TIMEOUTclose = 0
>
> When I type
>
> http://127.0.0.1:9012/sms/xml?username=xxxxxxx&password=xxxxx&from=xxxxxxx&to=xxxxxxx&text=xxxxxxxxxx
>
>
> it does not.
>
> Can anyone please confirm whether what I am trying to do is doable and
> maybe highlight what I am doing wrong.
>
> Regards,
>
> Alan
>
>
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
--
Attention: This message and all attachments are private and may contain information that is confidential and privileged. If you received this message in error, please notify the sender by reply email and delete the message immediately.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20120322/f8e00c62/attachment.html>
More information about the stunnel-users
mailing list