<div dir="ltr"><div>IMO the problem has nothing to do with the alias. Of course, this IP hosts the service. Both DNS names point to the same IP address as you can see below:<br><br>$ dig <a href="http://l4884-iflmap.hcisbp.eu1.hana.ondemand.com">l4884-iflmap.hcisbp.eu1.hana.ondemand.com</a><br><br><a href="http://l4884-iflmap.hcisbp.eu1.hana.ondemand.com">l4884-iflmap.hcisbp.eu1.hana.ondemand.com</a>. 0 IN CNAME <a href="http://EU1571393051174.ssl.ondemand.com">EU1571393051174.ssl.ondemand.com</a>.<br><a href="http://EU1571393051174.ssl.ondemand.com">EU1571393051174.ssl.ondemand.com</a>. 3361 IN A 155.56.210.164<br><br></div>You may try to set the <b>sni</b> = SERVER_NAME parameter to see if it helps.<br><br><a href="https://www.stunnel.org/static/stunnel.html">https://www.stunnel.org/static/stunnel.html</a><br><div><br></div><div>Regards,</div><div>Flo Rance<br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Mar 19, 2018 at 5:56 AM, Tony <span dir="ltr"><<a href="mailto:nissan4x4@optusnet.com.au" target="_blank">nissan4x4@optusnet.com.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div link="blue" vlink="purple" lang="EN-AU"><div class="m_2486409804414996977WordSection1"><p class="MsoNormal">Hi all,<u></u><u></u></p><p class="MsoNormal">I have a situation where I’m trying to use sTunnel as the client to connect to a service on a secure URL, but the hiccup is that the secure URL is load balanced.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">If a do an nslookup on the URL, the response comes back as it being an alias.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"><span style="font-family:"Courier New"" lang="EN-GB">Non-authoritative answer:</span><span lang="EN-GB"><u></u><u></u></span></p><p class="MsoNormal"><span style="font-family:"Courier New"" lang="EN-GB">Name: <a href="http://eu1571393051174.ssl.ondemand.com" target="_blank">eu1571393051174.ssl.ondemand.<wbr>com</a></span><span lang="EN-GB"><u></u><u></u></span></p><p class="MsoNormal"><span style="font-family:"Courier New"" lang="EN-GB">Address: 155.56.210.164</span><span lang="EN-GB"><u></u><u></u></span></p><p class="MsoNormal"><span style="font-family:"Courier New"" lang="EN-GB">Aliases: <a href="http://l4884-iflmap.hcisbp.eu1.hana.ondemand.com" target="_blank">l4884-iflmap.hcisbp.eu1.hana.<wbr>ondemand.com</a></span><span lang="EN-GB"><u></u><u></u></span></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Looking at the sTunnel log, it resolves to the IP of the server. But the IP itself does not host the service so I’m getting http:503 errors.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:44 LOG7[18796]: Service [ssl-OSRdev] (FD=564) bound to <a href="http://0.0.0.0:8085" target="_blank">0.0.0.0:8085</a><u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:55 LOG7[18796]: Service [ssl-OSRdev] accepted (FD=572) from <a href="http://192.168.0.22:61093" target="_blank">192.168.0.22:61093</a><u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:55 LOG7[18796]: Creating a new thread<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:55 LOG7[18796]: New thread created<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:55 LOG7[30864]: Service [ssl-OSRdev] started<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:55 LOG5[30864]: Service [ssl-OSRdev] accepted connection from <a href="http://192.168.0.22:61093" target="_blank">192.168.0.22:61093</a><u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:55 LOG6[30864]: s_connect: connecting </span><b><span style="font-size:10.0pt;font-family:"Courier New""><a href="http://155.56.210.164:443" target="_blank">155.56.210.164:443</a></span></b><span style="font-size:9.0pt;font-family:"Courier New""><u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:55 LOG7[30864]: s_connect: s_poll_wait <a href="http://155.56.210.164:443" target="_blank">155.56.210.164:443</a>: waiting 10 seconds<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG5[30864]: s_connect: connected <a href="http://155.56.210.164:443" target="_blank">155.56.210.164:443</a><u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG5[30864]: Service [ssl-OSRdev] connected remote server from <a href="http://192.168.0.32:30269" target="_blank">192.168.0.32:30269</a><u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: Remote socket (FD=588) initialized<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SNI: sending servername: </span><b><span style="font-family:"Courier New""><a href="http://l4884-iflmap.hcisbp.eu1.hana.ondemand.com" target="_blank">l4884-iflmap.hcisbp.eu1.hana.<wbr>ondemand.com</a></span></b><span style="font-size:9.0pt;font-family:"Courier New""><u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): before/connect initialization<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv2/v3 write client hello A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server hello A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server certificate A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server key exchange A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server certificate request A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 read server done A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write client certificate A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write client key exchange A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write certificate verify A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write change cipher spec A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 write finished A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:56 LOG7[30864]: SSL state (connect): SSLv3 flush data<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: SSL state (connect): SSLv3 read finished A<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 1 items in the session cache<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 1 client connects (SSL_connect())<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 1 client connects that finished<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 0 client renegotiations requested<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 0 server connects (SSL_accept())<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 0 server connects that finished<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 0 server renegotiations requested<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 0 session cache hits<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 0 external session cache hits<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 0 session cache misses<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: 0 session cache timeouts<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG7[30864]: Peer certificate was cached (3826 bytes)<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG6[30864]: SSL connected: new session negotiated<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG6[30864]: Negotiated TLSv1/SSLv3 ciphersuite: ECDHE-RSA-AES128-GCM-SHA256 (128-bit encryption)<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:57 LOG6[30864]: Compression: null, expansion: null<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG6[30864]: SSL socket closed (SSL_read)<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG7[30864]: Sent socket write shutdown<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG5[30864]: Connection closed: 1730 byte(s) sent to SSL, 274 byte(s) sent to socket<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG7[30864]: Remote socket (FD=588) closed<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG7[30864]: Local socket (FD=572) closed<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG7[30864]: Service [ssl-OSRdev] finished (0 left)<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG7[30864]: str_stats: 3 block(s), 4294962489 data byte(s), 150 control byte(s)<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG7[30864]: str_stats: 20 byte(s) at ..\src\network.c:413<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG7[30864]: str_stats: 20 byte(s) at ..\src\network.c:412<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Courier New"">2018.03.16 14:44:58 LOG7[30864]: str_stats: 20 byte(s) at ..\src\network.c:411<u></u><u></u></span></p><p class="MsoNormal"><span><u></u> <u></u></span></p><p class="MsoNormal"><span>I have tested the service using SoapUI and it works.<u></u><u></u></span></p><p class="MsoNormal"><span><u></u> <u></u></span></p><p class="MsoNormal"><span>Is it possible to have sTunnel follow the URL redirection?<u></u><u></u></span></p><p class="MsoNormal"><span><u></u> <u></u></span></p><p class="MsoNormal"><span><u></u> <u></u></span></p><p class="MsoNormal"><span>Regards,<span style="color:#1f497d"> </span>Tony<span style="color:#1f497d"> <u></u><u></u></span></span></p></div></div><br>______________________________<wbr>_________________<br>
stunnel-users mailing list<br>
<a href="mailto:stunnel-users@stunnel.org">stunnel-users@stunnel.org</a><br>
<a href="https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users" rel="noreferrer" target="_blank">https://www.stunnel.org/cgi-<wbr>bin/mailman/listinfo/stunnel-<wbr>users</a><br>
<br></blockquote></div><br></div>