[stunnel-users] TCP (Server / Client)

• Previous message (by thread): [stunnel-users] TCP (Server / Client)
• Next message (by thread): [stunnel-users] TCP (Server / Client)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
I have a normal TCP server which listenning to 192.168.1.4:4433 address. the client (192.168.1.5) will connect with the serveur via Port serie .I want to make a root  certificate CA, which will generate 2 pairs (  key + certificate) one for the server and one for the client. 1-Root certificate : CA2-Key + certificate:for the Client 3-Key + certificate:for the Server I do not know how to configure the SSL elements in Stunnel, I am using Windows XP.
 
 
My config: Stunnel.config for the server:
; Some performance tuningssocket = l:TCP_NODELAY=1socket = r:TCP_NODELAY=1
output = stunnel.log
; Authentication stuffverify = 1
; It's often easier to use CAfileCAfile = ca.pemcert = stunnel.pem debug = 7;foreground=yes client = no[server]accept  = 4433 connect = 192.168.1.4:4433
 
 
But doesn't work :(
 
thanks,



KHALED Khaled
Ingénieur de télécommunications et informatique

 
> Date: Tue, 8 Jan 2008 10:29:19 -0800> From: bri at stunnel.org> To: kkhaled at hotmail.fr> CC: stunnel-users at mirt.net; stunnel-users-owner at mirt.net> Subject: Re: [stunnel-users] TCP (Server / Client)> > Sometime near 2008-01-08 10:30 +0100, khaled khaled harangued:> > > I am a new STUNNEL user,I will do 2 secure sockets TCP (Server / Client). I > > would like to know how to set 'stunnel.conf. I tried but it does not work.> > You need to be more clear about > > 1) what IP/Port you want to accept on> 2) if you're accepting cleartext or ssl> > 3) what IP/Port you want to connect to (or prrogam to launch)> 4) if you're sending cleartext or ssl> (this should be the opposite of #2 above)> > > cert = server.crt > > key = serverkey.key> > CAfile = ca.crt> > accept = 192.168.1.4:4433> > connect = 192.168.1.4:4433> > You have stunnel accepting connections and send them to itself.> While a recursive loop may be fun, I doubt it's what you> actually wanted.> > > -- > Brian Hatch Friends come and go,> Systems and but enemies accumulate.> Security Engineer> http://www.ifokr.org/bri/> > Every message PGP signed
_________________________________________________________________
Nouveau ! Créez votre profil Messenger !
http://home.services.spaces.live.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080109/7c4795bb/attachment.html>

• Previous message (by thread): [stunnel-users] TCP (Server / Client)
• Next message (by thread): [stunnel-users] TCP (Server / Client)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]