[stunnel-users] stunnel-users Digest, Vol 75, Issue 13

Hugo hugo at gkz.fr.nf
Sun Oct 31 15:22:37 CET 2010


Thanks for the Answers, I may have a look at IPTables.

Hugo

On 30/10/2010 22:11, Pierre DELAAGE wrote:
> Hugo,
> You have all the answers in my previous mail, although "summarized".
> Anyway, please have a look at this :
>
> When you say "if user connects on ssl.example.com, <stunnel> forward
> frames"
> THEN you understand that you need SOMETHING to INTERCEPT AND REDIRECT
> the request of the client to the host "ssl.example.com" to YOUR
> stunnel GATEWAY (supposed on localhost),
> RIGHT ?
>
> So there must be something like iptables or a trick in DNS client or
> something like your own DNS server on local network to do that job.
> Tricking /windows/system32/drivers/etc/host file is a way to achieve
> this step.
>
> Then have a stunnel having 3 services declared and so on ...
>
> Pierre
>
> On 30/10/2010 22:28, Hugo wrote:
>> It's what I wanted to do: redirect the public 443 port on the correct local stunnel "accept:" port or service.
>> I'd set 3 services with 3 different certificates on 3 ports.
>>
>> E.g., my first domain is ssl.example.com and the second admin.example.com. These two records point to the same IP.
>> Stunnel has two services on that, so it binds two ports (!=443) (e.g., 7100 and 7200)
>> Is there a way for stunnel (or another program) to bind on port 443 and, if a user connects to ssl.example.com, forward frames/respond using the service/port 7100, and the same for admin.example.com on 7200?
>>
>> https://ssl.example.com ==> https://ssl.example.com:7100
>> https://admin.example.com ==> https://admin.example.com:7200 ?
>>
>> Thanks
>>
>> Message: 2
>> Date: Sat, 30 Oct 2010 11:45:19 -0400 (EDT)
>> From: Jon Daley <stunnel at jon.limedaley.com>
>> To: stunnel-users at mirt.net
>> Subject: Re: [stunnel-users] Many services on the same port
>> 	(VirtualHost)
>> Message-ID: <alpine.DEB.2.00.1010301139120.19689 at orange.limedaley.com>
>> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
>>
>> On Sat, 30 Oct 2010, Hugo wrote:
>>
>>> Does anyone know a way to make many services listen on the same port?
>>> I've got one stunnel4 server which allows me to encrypt two http servers.
>>> The first service binds on port 465 and the second on 470.
>>> What I want is to let users access port 465 using 2 different
>>> ServerNames.
>>  	I am not sure what you are trying to do.  You want clients to 
>> connect via https to ports 465 on two different IPs and then stunnel to 
>> forward them to the appropriate http daemon?
>>  	I am not sure if stunnel works in that method - that is the 
>> reverse of what I use stunnel for - I connect via an unencrypted 
>> connection, and forward via stunnel to an encrypted daemon.
>>  	And if you are talking about virtually hosting https connections, 
>> that will work, as long as the certificate contains both servernames - you 
>> can't use two different certificates, because you don't know which 
>> certificate to serve until after the connection is encrypted.
>>
>
