[stunnel-users] (no subject)

Michal Trojnara Michal.Trojnara at mirt.net
Fri Sep 17 09:49:31 CEST 2010


Ludolf Holzheid wrote:
> Sunil Karumuri wrote:
>> Can we configure Stunnel to have only ONE SSL connection (or a pool of
>> connections) between box A and B and have Stunnel use the open connection
>> for all traffic from various clients ?
> 
> You may also be looking for a VPN solution.

... or just use SSH tunnels instead of SSL encapsulation.

It's not really a matter of specific software (e.g. stunnel), but of the
SSL protocol itself.  SSL/TLS is based on 1:1 encapsulation of a data
stream in an SSL connection.  In most cases it's a good idea, e.g. traffic
shapers (in OS kernels or network devices) can see separate data streams,
preventing starvation of low-throughput interactive connections.

It's possible to add a multiplexing layer between data streams and SSL. 
That's what so-called "SSL VPNs" do. Please note such an extension would be
proprietary and thus incompatible with any other product.  IMHO
interoperability is a huge advantage of stunnel over various proprietary
products.

Mike
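
The multiplexing layer discussed in the message above, as an added example that is not part of the original post and not stunnel code: several client streams are framed and interleaved into one byte stream (the bytes that would travel over a single SSL connection) and split apart again on the far side. The frame layout (stream id, length, zero-length end marker) and all names are hypothetical, and the SSL connection itself is left out.

```python
import struct
from collections import defaultdict

# Hypothetical frame header: stream id (u32) + payload length (u16), network order.
HEADER = struct.Struct("!IH")
MAX_CHUNK = 1024  # per-frame cap so a bulk stream cannot starve interactive ones

def mux(streams, chunk=MAX_CHUNK):
    """Interleave {stream_id: bytes} round-robin into one framed byte string."""
    offsets = {sid: 0 for sid in streams}
    out = bytearray()
    while offsets:
        for sid in list(offsets):
            piece = streams[sid][offsets[sid]:offsets[sid] + chunk]
            if piece:
                out += HEADER.pack(sid, len(piece)) + piece
                offsets[sid] += len(piece)
            if offsets[sid] >= len(streams[sid]):
                out += HEADER.pack(sid, 0)  # zero-length frame = end of stream
                del offsets[sid]
    return bytes(out)

class Demux:
    """Incremental parser; feed() takes arbitrary slices, as read from one connection."""
    def __init__(self):
        self.buf = bytearray()
        self.streams = defaultdict(bytearray)
        self.closed = set()

    def feed(self, data):
        self.buf += data
        while len(self.buf) >= HEADER.size:
            sid, length = HEADER.unpack_from(self.buf)
            end = HEADER.size + length
            if len(self.buf) < end:
                break  # frame incomplete: wait for more bytes
            if sid in self.closed:
                raise ValueError(f"frame for closed stream {sid}")
            payload = bytes(self.buf[HEADER.size:end])
            del self.buf[:end]
            if length == 0:
                self.closed.add(sid)
            else:
                self.streams[sid] += payload
```

Once the streams share one connection, a traffic shaper on the path sees a single flow, so fairness between streams depends on the multiplexer's own interleaving (here the round-robin with a per-frame cap).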


