[stunnel-users] Does stunnel support startTLS?

Markus Borst M.Borst at hrz.tu-darmstadt.de
Thu Apr 28 15:40:05 CEST 2011


Am 27.04.2011 22:34, schrieb Michal Trojnara:
> Markus Borst wrote:
>> From reading the documentation I'm not sure whether stunnel supports 
>> startTLS, there are a few option descriptions which might point to 
>> startTLS, but I'm not sure. Anybody knows the definite answer?
>
> Stunnel does support it.  The option name is "protocol".
>
> I have updated the manual to be more detailed:
> http://www.stunnel.org/static/stunnel.html
>
> Mike

Mike,

thanks for the documentation update, this makes it a lot clearer what 
the "protocol" option actually does. Could you provide a configuration 
example? For example, if I have configured my local imap server to 
listen on port 8143 (instead of 143), would this be a valid stunnel 
configuration?

[imap]
accept  = 143
connect = 8143
protocol = imap


Can I enforce starttls? i.e. if the client tries to authenticate to imap 
without first issuing starttls, it should be denied and/or the 
connection should be terminated.

Greetings
Markus Borst

-- 
TU Darmstadt
Hochschulrechenzentrum (HRZ)
Markus Borst
Adresse: 	Petersenstrasse 30, 64287 Darmstadt, Germany
Tel.: 	06151/16-2056
Email: 	M.Borst at hrz.tu-darmstadt.de




More information about the stunnel-users mailing list