[stunnel-users] Getting Stunnel to Work Under Windows 7 64-bit

Michal Trojnara Michal.Trojnara at mirt.net
Thu May 3 13:56:29 CEST 2012 

Thomas Eifert wrote:

> For the benefit of the group, I thought I'd share some experiences I  
> had when attempting to get
> Stunnel to run under Windows 7 SP1 64-bit.

Thank you for your feedback.  The sad truth is that Windows version of  
stunnel is mostly tested under Windows XP.  Maybe some day I will have  
more time (or a sponsor) to configure a Windows 7 testing platform and  
fix the issues you reported...

> 1.  The Stunnel status window displayed only configuration loads.   
> No output from any
>      active connection was ever displayed, despite the fact that  
> Stunnel was passing
>      traffic to/from SSL-enabled servers.

I guess you might have more than one stunnel server started.

> 2.  Stunnel would not write to the log file.  The error message  
> indicated that Stunnel was
>      unable to open stunnel.log.  Initially, I thought this might be  
> a factor in the lack of
>      status window connection output, so I commented the log  
> statement out to eliminate it.
>      I then reloaded the configuration.  The issue of not seeing any  
> connection info
>      was unaffected.

It's likely the same problem.  Default file operation semantics on  
Windows is to disallow more than one process opening the same file.

> 3.  The notification area icon would not appear on Stunnel service  
> load.  It would mysteriously
>      appear, then disappear, at seemingly random times.

Windows service should not display taskbar icon to prevent local  
privilege escalation http://en.wikipedia.org/wiki/Shatter_attack

To solve it would require major reengineering of Windows GUI http://www.stunnel.org/?page=sdf_todo

> 4.  Once the service was installed, it was not possible to stop it  
> or uninstall it from the
>      provided start menu shortcuts.  Whenever I attempted to do so,  
> the Stunnel status
>      window would appear.  However, I was able to perform these  
> actions successfully by
>      opening a command prompt, then issuing the commands from there.

This definitely needs more testing...

Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20120503/ac33015c/attachment.sig>

More information about the stunnel-users mailing list