[stunnel-users] older browsers, stunnel and privoxy
yyy
yyy at yyy.id.lv
Fri Dec 7 13:04:09 CET 2018
----- Original Message -----
From: "kovacs janos" <kovacsjanosfasz at gmail.com>
To: "Flo Rance" <trourance at gmail.com>
Cc: <stunnel-users at stunnel.org>
Sent: Friday, December 07, 2018 2:30 AM
Subject: Re: [stunnel-users] older browsers, stunnel and privoxy
> now im really not sure, since the wikipedia page on stunnel also
> describes the program doing exactly what i need in the Example
> scenario section:
> https://en.wikipedia.org/wiki/Stunnel#Example_scenario
>
> "Network traffic from the client initially passes over SSL to the
> stunnel application, which transparently encrypts/decrypts traffic and
> forwards unsecured traffic to port 25 locally. The mail server sees a
> non-SSL mail client. "
>
> only difference is, i need it to forward "unsecured traffic" to my
> browser client, not a server. are you all sure its really not
> possible?
>
It is possible with the same limitiations as with server case.
In case of server, there is one server, which accepts incoming connections
(unencrypted) and stunnel accepts unencrypted
connections for that (one) server and decrypts and forwards them. There is
only one server, which gets connected by stunnel.
In case of client (browser), for each remote (https) server to be connected
to, stunnnel config file will need an entry;
in browser it will not be possible to use DNS names (all servers will have
to be addressed as 127.0.0.1:someport
where "someport", is port assigned in stunnel conf server entry accept
statement), so most links in webpages will not work.
It may be feasible for small number of servers, which does not links any
external resources.
More information about the stunnel-users
mailing list