[stunnel-users] HTTP 404 if I don't add 127.0.0.1 in my /etc/hosts

Masih Tavassoli mtavasso at hotmail.com
Sun Feb 16 23:21:14 CET 2020



Hi Experts:

I am trying to do an http->https proxy for one site only:

[example-proxy]
client = yes
accept = 127.0.0.1:5000
sni = integration-instance-idqxdofnz0ca-ia.integration.ocp.oraclecloud.com
checkHost = integration-instance-idqxdofnz0ca-ia.integration.ocp.oraclecloud.com
verifyPeer = yes
verifyChain = yes
connect = 147.154.19.235:443
CAfile = C:\Program Files (x86)\stunnel\config\ca-certs.pem


If I add the following in /etc/hosts, all works OK:
127.0.0.1 integration-instance-idqxdofnz0ca-ia.integration.ocp.oraclecloud.com

And then I have to use:
http://integration-instance-idqxdofnz0ca-ia.integration.ocp.oraclecloud.com:5000/ic/ws/integration/v1/flows/soap/SM_INT10_CREAT_EBS_GTM_SALES/1.0/?wsdl

However, I just want this address to work:

http://10.0.0.33:5000/ic/ws/integration/v1/flows/soap/SM_INT10_CREAT_EBS_GTM_SALES/1.0/?wsdl
Isn't the whole point of setting SNI to send the servername on your behalf?

2020.02.15 00:46:59 LOG6[46]: SNI: sending servername: integration-instance-idqxdofnz0ca-ia.integration.ocp.oraclecloud.com
2020.02.15 00:46:59 LOG6[46]: Peer certificate required
2020.02.15 00:46:59 LOG7[46]: TLS state (connect): before SSL initialization
2020.02.15 00:46:59 LOG7[46]: TLS state (connect): SSLv3/TLS write client hello
2020.02.15 00:46:59 LOG7[46]: TLS state (connect): SSLv3/TLS write client hello
2020.02.15 00:46:59 LOG7[46]: TLS state (connect): SSLv3/TLS read server hello
2020.02.15 00:46:59 LOG7[46]: TLS state (connect): SSLv3/TLS read change cipher spec
2020.02.15 00:46:59 LOG7[46]: TLS state (connect): SSLv3/TLS read finished
2020.02.15 00:46:59 LOG7[46]: TLS state (connect): SSLv3/TLS write change cipher spec
2020.02.15 00:46:59 LOG7[46]: TLS state (connect): SSLv3/TLS write finished
2020.02.15 00:46:59 LOG7[46]:      3 client connect(s) requested
2020.02.15 00:46:59 LOG7[46]:      3 client connect(s) succeeded
2020.02.15 00:46:59 LOG7[46]:      0 client renegotiation(s) requested
2020.02.15 00:46:59 LOG7[46]:      2 session reuse(s)
2020.02.15 00:46:59 LOG6[46]: TLS connected: previous session reused
2020.02.15 00:46:59 LOG6[46]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption)
2020.02.15 00:46:59 LOG7[46]: Compression: null, expansion: null
2020.02.15 00:46:59 LOG6[46]: Session id: E003BBF100FA809D616B2F69E08BAF0119EA856FCEE6AD209BE95F7C5815380B
2020.02.15 00:48:05 LOG7[46]: TLS alert (read): warning: close notify
2020.02.15 00:48:05 LOG6[46]: TLS closed (SSL_read)



What am I missing?

Thanks
Masi
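
Added example, not part of the original post: stunnel's sni option only sets the server name in the TLS ClientHello, while the HTTP Host header is written by the HTTP client from the URL and travels through the tunnel unchanged. Assuming the backend selects the site by Host (the constructed VHostHandler below stands in for it, and the helper names are hypothetical), the request addressed by IP gets 404 and the same request with an explicit Host header gets 200.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Name from the post's sni/checkHost options; path from the post's URL.
BACKEND_NAME = "integration-instance-idqxdofnz0ca-ia.integration.ocp.oraclecloud.com"
WSDL_PATH = "/ic/ws/integration/v1/flows/soap/SM_INT10_CREAT_EBS_GTM_SALES/1.0/?wsdl"


class VHostHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for a name-based virtual-host backend (assumption)."""

    def do_GET(self):
        # Route on the Host header only, ignoring the port suffix.
        host = (self.headers.get("Host") or "").rsplit(":", 1)[0]
        self.send_response(200 if host == BACKEND_NAME else 404)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):
        pass  # keep the demo quiet


def start_backend():
    """Start the stand-in backend on a free loopback port."""
    server = HTTPServer(("127.0.0.1", 0), VHostHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def fetch_status(port, path, host_header=None):
    """GET path by IP; http.client derives Host from the address unless overridden."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    headers = {"Host": host_header} if host_header else {}
    conn.request("GET", path, headers=headers)
    status = conn.getresponse().status
    conn.close()
    return status


def demo():
    """Return (status addressed by IP, status with explicit Host header)."""
    server = start_backend()
    port = server.server_address[1]
    try:
        by_ip = fetch_status(port, WSDL_PATH)
        by_name = fetch_status(port, WSDL_PATH, f"{BACKEND_NAME}:{port}")
    finally:
        server.shutdown()
        server.server_close()
    return by_ip, by_name
```

The client here talks to the stand-in directly, which is what the backend sees once the tunnel has carried the request bytes across.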
