[stunnel-users] Connect using TLS with public Web Server
Carlos Castro
carlos.castro.guerrero at gmail.com
Mon Mar 5 12:32:41 CET 2018
Hello,

Thanks @Peter

I'm trying to configure a connection from my PC to this public server,
https://ctm.omgeo.net, using TLS 1.2, but I can't.
I need to set up stunnel for an old application that doesn't support TLS, and
this application needs to connect to this public server to send data.
I'm using Peter's config, but nothing works. I tried this config:

[omgeo]
client = yes
accept = 127.0.0.1:19201
connect = ctm.omgeo.net:443
verify = 2
CApath = /etc/ssl/certs/

I'm using curl to try to connect, and I receive this error:

/etc/ssl/certs# curl -v https://127.0.0.1:19201
* Rebuilt URL to: https://127.0.0.1:19201/
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 19201 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: The TLS connection was non-properly terminated.
* Closing connection 0
curl: (35) gnutls_handshake() failed: The TLS connection was non-properly terminated.

Without stunnel, I receive this output:

curl -v https://ctm.omgeo.net
* Rebuilt URL to: https://ctm.omgeo.net/
* Trying 88.221.6.124...
* Connected to ctm.omgeo.net (88.221.6.124) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
* server certificate verification OK
* server certificate status verification SKIPPED
* common name: *.omgeo.net (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: C=US,ST=Massachusetts,L=Boston,O=Omgeo LLC,CN=*.omgeo.net
* start date: Fri, 21 Jul 2017 00:00:00 GMT
* expire date: Sat, 20 Oct 2018 23:59:59 GMT
* issuer: C=US,O=Symantec Corporation,OU=Symantec Trust Network,CN=Symantec Class 3 Secure Server CA - G4
* compression: NULL
* ALPN, server accepted to use http/1.1
> GET / HTTP/1.1
> Host: ctm.omgeo.net
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Location: /cleartrust/ct_logon.jsp
< Content-Length: 0
< Date: Mon, 05 Mar 2018 11:31:09 GMT
< Connection: keep-alive
< Set-Cookie: Actrust-session-v001d=aHR0cHM6Ly9jdG0ub21nZW8ubmV0OjQ0My9pbmRleC5odG1s; secure; domain=.omgeo.net; path=/
<
* Connection #0 to host ctm.omgeo.net left intact
Many Thanks
Regards
On 02/02/18 14:10, peter at easthope.ca wrote:
> From: Carlos Castro <carlos.castro.guerrero at gmail.com>
> Date: Fri, 2 Feb 2018 12:04:08 +0100
>> I have an older application and now I need to connect to an external HTTPS server
>> using TLS. My application doesn't support TLS, and I think I'll use stunnel
>> to connect to this HTTPS server.
> Same requirement here. Have you tried this configuration?
>
> ; yourhost:/etc/stunnel4/stunnel.conf
> ...
> [https]
> client = yes
> accept = 443
> transparent = destination
>
> Regards, ... Peter E.
>
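
Added example, not part of the original message or of the stunnel project's documentation: a client-mode service for the setup described above, where stunnel takes cleartext on the local accept port and performs the verified TLS handshake toward the remote server. The checkHost, sni and sslVersion lines are additions to the posted config and assume an stunnel build that supports them.

```ini
; Added example (constructed): stunnel client-mode service for a
; non-TLS application that must reach an HTTPS server.
[omgeo]
client = yes

; Local side: cleartext, bound to loopback so the unencrypted
; traffic never leaves this host.
accept = 127.0.0.1:19201

; Remote side: stunnel opens the TLS session to this endpoint.
connect = ctm.omgeo.net:443

; Chain validation against the system trust store, as in the post.
verify = 2
CApath = /etc/ssl/certs/

; Assumption: the installed stunnel supports checkHost and sni.
; checkHost requires the validated certificate to match this name,
; so a certificate that chains to a trusted CA but was issued for a
; different host is rejected.
checkHost = ctm.omgeo.net

; Send the server name in the TLS handshake.
sni = ctm.omgeo.net

; Negotiate TLS 1.2 only on the remote side.
sslVersion = TLSv1.2

; Check from the same host: the local client speaks plain HTTP,
; stunnel adds the TLS layer.
;   curl -v -H 'Host: ctm.omgeo.net' http://127.0.0.1:19201/
; An https:// URL against the accept port would make the local
; client send its own TLS handshake to a port that expects cleartext.
```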