Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [stunnel]

Stunnel is a small tool that can wrap the connection of other protocols with SSL/TLS.

Stunnel is a free software based on OpenSSL providing a SSL/TLS encryption wrapper between remote clients and a local or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled into the library.

For more information, see the homepage of the project at stunnel.org.

155 questions
0
votes
1 answer

nginx: server_name and server_addr wrong with reverse proxy in front of it

I have stunnel in front of nginx in order to handle ssl. (I'm aware that nginx can handle ssl, but I'm migrating off nginx and this is a necessary step.) Stunnel and nginx are running on the same box. Without stunnel in front of nginx, nginx got the…
user41356
  • 279
  • 1
  • 5
  • 12
0
votes
2 answers

How do I create certificates for both ends of an stunnel connection?

I am using stunnel to authenticate RDP (Remote Desktop) and I need to verify that a client possesses the proper credentials. So people cannot brute force into the machine. I am also using a bad (outdated) version of RDP that has security…
unixman83
  • 1,932
  • 8
  • 25
  • 33
0
votes
2 answers

how to portforward port 7300 from server A to server B

We are using Stunnel. But want to replace it is with an iptables entry if possible. 192.168.123.122:7300 need to be forwarded to 192.168.123.188:7300. So in iptables I set these two entries: [root@dev ~]# iptables -t nat -A PREROUTING -p tcp --dport…
Patrick van Hout
  • 1
0
votes
1 answer

haproxy session stats change suddenly

We have a load balancer where if we refresh the stats page over and over, we will notice that the Current sessions value will stay stable for a time, say 45-50 sessions per server more or less, then suddenly we will refresh the page and one server…
Kyle
  • 1,859
  • 2
  • 17
  • 23
0
votes
1 answer

stunnel in client mode as proxy for sendmail

I'm configuring an internal mail network that is supposed to do all the transmission using ssl and I want to have all the encryption done by stunnel. So far I have pop3s, imaps and sendmail in server mode all using ssl encryption provided by…
user58292
0
votes
0 answers

How to troubleshoot stunnel dropping repeatedly?

I don't know much about stunnel but we use it in many locations to connect from a Java app to a cloud database. We have one Windows computer where stunnel keeps dying. What might cause this? How can I troubleshoot it?
Chanel
  • 11
  • 2
0
votes
1 answer

Stunnel between two servers: should the ssl certificate be the same on both sides?

I have two Ubuntu servers with stunnel configured between them. Server A acts as a middleman server and forwards all inbound traffic to Server B (Openvpn server) through stunnel. Stunnel configurations on server A and on server B are: server…
PouJa
  • 35
  • 6
0
votes
0 answers

stunnel server dont connect to endpoint

my servers were doing fine until i changed the server with stunnel (as server) to another one this is my server.conf file setuid = root setgid = root [server] cert=/etc/stunnel/cert.pem key=/etc/stunnel/key.pem accept = 0.0.0.0:1381 connect =…
IMIEEET
  • 11
  • 2
0
votes
0 answers

tcp syn is blocked, cant make a connection

so this is my current setup of openvpn+stunnel user>>internal-server-A(as stunnel client)>>main-out-of-country-server(running openvpn and stunnel as server) it worked fine in a restricted country for a while. but now tcp and udp connection from…
IMIEEET
  • 11
  • 2
0
votes
2 answers

Stunnel Server On CentOS 7 - TLS options: 0x2100000 (+0x0, -0x0) Error

I am using CentOS Linux release v7.9.2009 (Core) with latest update. First of all i installed latest version of OpenSSL there. Here is the commands for that installation : cd ~ wget https://www.openssl.org/source/openssl-3.0.7.tar.gz tar -zxvf…
helius.dev
  • 15
  • 5
0
votes
1 answer

Stunnel + OpenVPN connected but no internet

I have setup stunnel on server pid = /var/run/stunnel4/stunnel.pid output = /var/log/stunnel4/stunnel.log setuid = root setgid = root [openvpn] cert=/etc/stunnel/cert.pem options = NO_SSLv2 options = NO_SSLv3 options = NO_TLSv1 options =…
Steve Moretz
  • 173
  • 1
  • 9
0
votes
1 answer

Is HAProxy in front of Stunnel with SNIs possible?

I have a working SSL Termination with STunnel in front of HAproxy. Recently, the matter of adding support for HTTP/2 was thrown my way. That is easy with HAProxy, but, as a constraint, STunnel must stay. The reason for STunnel needing to stay is…
Ai N.
  • 3
  • 2
0
votes
1 answer

stunnel3 : [!] Inetd mode: TLS server needs a certificate [!] Configuration failed

I'm trying to configure and start stunnel3 but each time I get [!] Inetd mode: TLS server needs a certificate [!] Configuration failed stunnel.conf cert = /pathto/server.pem key = /pathto/server.key client = no fips = no sslVersion = all socket =…
John R
  • 101
  • 3
0
votes
0 answers

Stunnel outgoing packets strangely modified

I have a box with two nics setup as bridge. Ebtables redirects http traffic to iptables. The br0 ip address is 10.10.10.10. Stunnel is setup with transparent = source. It accepts connections on 127.1.1.1:8080 and always connects to the same ip…
r0b0tron
  • 3
  • 1
0
votes
1 answer

How to use Nginx HTTPS behind a SSLH and a STUNNEL

I have a NGINX listening on port 441 and SSLH listening to ports: 441(https), 442(ssh) and finally STUNNEL listening on port 443 forwarding to SSLH(port 2243). STUNNEL config: pid = /var/run/stunnel.pid cert =…
Pahan
  • 3
  • 3
1 2 3
10
11