[stunnel-users] Fw: How do I re-encrypt ssl traffic with stunel?

[mkanet at yahoo.com]

Arsen, you are right, that article is old.  It presumes you're using stunnel3.  The current version of stunnel is stunnel4; which uses a configuration file instead of those command line arguments.  For example, below is what you would see in a generic stunnel server config file:


/etc/stunnel/stunnel.conf
cert = /etc/stunnel/apache.pem
key  = /etc/stunnel/apache.pem debug = 7
output = /etc/stunnel/debug.log ;sslVersion = all setuid = nobody
setgid = nobody
pid = /var/run/stunnel/stunnel4.pid socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1 [pop3s]
accept  = 995
connect = 110 [imaps]
accept  = 993
connect = 143 [ssmtp]
accept  = 465
connect = 25 [stunnel-https]
accept  = 443
connect = localhost:80
------------------------------------------------------- 

.  Only very limited command line arguments are permitted in stunnel4.  In your case, if you want to get results quicker, it may be a lot easier to just look for an old version of stunnel3 to download.




----- Forwarded Message -----

I’m trying to set up wireshark debugging of ssl traffic by
following this article:
 
http://www.webos-internals.org/wiki/Decrypt_SSL_(trusted_man-in-the-middle_technique)
 
It lists following stunnel commands to do the job:
 
Listen on local IP and de-SSL
traffic to localhost:8080
sudo stunnel -p ps.pem -d 443 -r 8080
Listen on 8080, re-SSL to remote server on 443
sudo stunnel -c -d 8080 -r ps.palmws.com:443
 
The article seems outdated, and stunnel does not react on
these commands anymore.
 
Can anyone provide me with a proper configuration file to do
the same?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20121109/5d80d57b/attachment.html>