[stunnel-users] Re: Windows config with both SSL listen and non-SSL listen
Han Jun Li
hanjun.li at verizon.net
Thu Dec 8 15:54:50 CET 2005
Paul,
This is a temporary solution but it works. What you need to do is
run two instances of Stunnel--one instance configured in client mode and
the other in server mode. If you want to run both as services, you can
install the standard one with the "-install" switch. For the second
instance, you need to use some other binary to install it with a different
name and change the imagepath to point to the executable.
/han
>_____
>
>From: stunnel-users-bounces at mirt.net [mailto:stunnel-users-bounces at mirt.net]
>On Behalf Of Paul Hethmon
>Sent: Wednesday, December 07, 2005 2:50 PM
>To: stunnel-users at mirt.net
>Subject: [stunnel-users] Windows config with both SSL listen and
>non-SSLlisten
>
>
>I'm trying to set up using the Windows service the ability to listen in SSL
>mode on one port (5102) and forward to non-SSL port (5010) and then also
>listen on one port (5101) in non-SSL mode and forward to a remote port
>(5102) in SSL mode. What I have currently in the config is:
>
>[inbound]
>accept = 5102
>connect = 5010
>
>[outbound]
>accept = 5101
>connect = x.x.x.x:5102
>
>The first STunnel example on the website talks about doing this, sort of,
>but I don't see any options to specify on a service configuration level
>whether the listen port is in SSL or non-SSL mode. The use of a service name
>like [pop3] vs [pop3s] seems to imply a difference, but I've got a custom
>application I'm trying to tunnel two way, not a standard IETF service.
>
>A perusal of the last year's mailing list archives didn't yield anything. I
>guess the next step is to look at the source and see if it's supported
>unless someone here can tell me one way or the other. If it's not supported,
>I guess I'll add it in.
>
>thanks,
>
>Paul
>
>
>Paul Hethmon
>Senior Engineer
>ClareityT Security
>SAFEMLST Security Education, Consulting and Solutions
>http://www.SAFEMLS.com <http://www.safemls.com/>
>paul.hethmon at callclareity.com
>work: 865.671.6630
>cell: 865.250.3517
>
>
More information about the stunnel-users
mailing list