[stunnel-users] Stunnel as an "HTTPS to HTTPS" proxy
Javier
meresponde2001-stn at yahoo.es
Mon Mar 4 17:49:32 CET 2013
On Mon, 04 Mar 2013 11:01:37 +0200
"jmwb at webmail.co.za" <jmwb at webmail.co.za> wrote:
> Hi,
>
> Please could you tell me if Stunnel supports HTTPS on the
> client-side i.e. a
> true SSL proxy with client-side SSL and server-side SSL (or if
> anyone has developed a version that does)?
>
> I have tried searching for this without luck because it is
> difficult to narrow
> down the search criteria e.g. Stunnel is already cited as an SSL
> proxy.
>
> jmwb
Hi,
Stunnel is a proxy itself, or a tunnel, as you whish. A secure
transparent proxy/tunnel for non-capable SSL/secure applications.
A simple example. Imagine you can't use, for whatever reason, SSL
with your web browser (or other application but I'll use a web
example) and your web server.
You'll need to create in the Stunnel.conf in the client side a
client service as:
[my_client]
client = yes
; just a random port where the web browser will connect
accept = 127.0.0.1:8523
; address of web server IP or hostname, web SSL port 443 or other
;random depending on your needs
connect = webserver:443
In the server side...:
[my_server]
client = no
accept = webserver:443
; address or hostname and port where the web server accepts
; connections
connect = webserver:45689
With this configuration, there is a transparent SSL proxy/tunnel
between the non-capable SSL browser and the non-capable SSL web
server. All SSL dialog is made between the both instances of stunnel
(client and server side). Also, you can configure them to use
certificates (no need to use browser insalled certificates for
example).
Hope this can help. It is quite easy. For further configurations,
just check the manual. It is almost all there. And/or lots of
examples around the web.
Regards.
More information about the stunnel-users
mailing list