[stunnel-users] Connecting to stunnel with SQLServer

Wed Jun 30 02:20:25 CEST 2010

Could someone please point me to appropriate configuration for
configuring stunnel on the client side with SQL server?

On Fri, Jun 25, 2010 at 12:23 PM, Mohit Anchlia <mohitanchlia at gmail.com> wrote:
> Has anyone else tried using Java SSL or anything using Java that will
> not require stunnel on the client side?
>
> On Fri, Jun 25, 2010 at 12:13 PM, Carter Browne <cbrowne at cbcs-usa.com> wrote:
>> On 6/24/2010 11:00 PM, Mohit Anchlia wrote:
>>> On Thu, Jun 24, 2010 at 10:27 AM, Carter Browne <cbrowne at cbcs-usa.com> wrote:
>>>
>>>> On 6/24/2010 12:09 PM, Mohit Anchlia wrote:
>>>>
>>>>> On Thu, Jun 24, 2010 at 5:14 AM, Carter Browne <cbrowne at cbcs-usa.com> wrote:
>>>>>
>>>>>
>>>>>> It is very easy to do if you have stunnel running on both ends.  On the
>>>>>> client side in the configuration file you could have:
>>>>>>
>>>>>> [MSSQL-OUT]
>>>>>> accept = localhost:1433
>>>>>> connect = remote:20000
>>>>>> client = yes
>>>>>>
>>>>>>
>>>>> Thanks. So if I have stunnel running on both ends how do I connect to
>>>>> SQL server? Just open a JDBC connection on the local port and it will
>>>>> automatically connect on the remote side?
>>>>>
>>>>>
>>>> In this example, I would define an alias using the configuration manager
>>>> giving it your name for the data base, and having it connect to port
>>>> 1433 on localhost.  For my systems,
>>>> I usually use a dummy name defined in the 127.0.0.0/8 net and some port
>>>> other than 1433.  This approach does require stunnel on both ends.  I
>>>> haven't tried any other approaches.
>>>> MS SQL server does have some options for encrypting the traffic as well
>>>> - I did not think they would work for my mixed Linux/Windows
>>>> environment, but it might work for your environment.
>>>>
>>>>
>>>>
>>>>> Also, are there any other options? We have 20 servers from which we
>>>>> need to connect. I was trying to avoid install of another binary and
>>>>> relying on it for being up and running. Is it possible to use Java
>>>>> SSL? Or is that too complicated and not proven to work? Not sure if
>>>>> there is any other option.
>>>>>
>>>>>
>>>>>
>>>>>> on the remote side have:
>>>>>>
>>>>>> [MSSQL-IN]
>>>>>> accept = 20000
>>>>>> connect = 1433
>>>>>> client = no
>>>>>>
>>>>>> In this example port 20000 would have to be open to any firewalls
>>>>>> including the Windows firewall and assumes you are using the standard
>>>>>> MSSQL port on the server.
>>>>>>
>>>>>> You would probably want to use the SQL Server Configuration Manager on
>>>>>> the client computer to add an alias for your data base.
>>>>>>
>>>>>>
>>> Our client will be on Linux box. I am trying to understand if I am
>>> using JDBC the connection URL is something like:
>>>
>>> jdbc:sqlserver://[serverName[\instanceName][:portNumber]][;property=value[;property=value]]
>>>
>>> So if I use stunnel on both sides then how will this work? What will I
>>> give in my connection string?
>>>
>>
>> I don't have a Java DB connection, so I cannot speak from experience.
>> For both the Windows and the Linux ODBC drivers, using the example above
>> the server name would be
>> localhost:1433.  The Instance name and any properties that you send
>> would not change.  Again, using the values in the example, stunnel is
>> simply mapping localhost:1433 to remote:1433.
>>
>> Carter
>>>
>>>>>> Carter
>>>>>>
>>>>>> Carter Browne
>>>>>> CBCS
>>>>>> cbrowne at cbcs-usa.com
>>>>>> 781-721-2890
>>>>>>
>>>>>>
>>>>>> On 6/23/2010 11:32 PM, Mohit Anchlia wrote:
>>>>>>
>>>>>>
>>>>>>> We have a requirement to connect to a SQLServer that is connected
>>>>>>> through stunnel on the other end. Can I use java SSL to talk to
>>>>>>> stunnel? What are my options?
>>>>>>> _______________________________________________
>>>>>>> stunnel-users mailing list
>>>>>>> stunnel-users at mirt.net
>>>>>>> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>