Config and logs below but redacted, this is running on 2016 server, if it matters I am starting it over an RDP session

 

I find that the port is ignored in the config file and it always binds to ports in the 23*** range

 

 

 

 

 

 

 

; Sample stunnel configuration file by Michal Trojnara 2002-2006

; Some options used here may not be adequate for your particular configuration

 

; Certificate/key is needed in server mode and optional in client mode

; The default certificate is provided only for testing and should not

; be used in a production environment

;cert = stunnel.pem

;key = stunnel.pem

 

; Some performance tunings

socket = l:TCP_NODELAY=1

socket = r:TCP_NODELAY=1

 

; Workaround for Eudora bug

;options = DONT_INSERT_EMPTY_FRAGMENTS

 

; Authentication stuff

;verify = 2

; Don't forget to c_rehash CApath

;CApath = certs

; It's often easier to use CAfile

;CAfile = certs.pem

; Don't forget to c_rehash CRLpath

;CRLpath = crls

; Alternatively you can use CRLfile

;CRLfile = crls.pem

 

; Some debugging stuff useful for troubleshooting

debug = 7

output = /stunnel.log

 

; Use it for client mode

client = yes

 

; Service-level configuration

 

 

 

[Service Config]

accept=127.0.0.1:40001

connect = redacted:443

 

 

log file

 

2020.04.18 10:08:18 LOG7[main]: Dispatching a signal from the signal pipe

2020.04.18 10:08:18 LOG7[main]: Processing SIGNAL_RELOAD_CONFIG

2020.04.18 10:08:18 LOG7[main]: Running on Windows 6.2

2020.04.18 10:08:18 LOG5[main]: Reading configuration from file stunnel.conf

2020.04.18 10:08:18 LOG5[main]: UTF-8 byte order mark detected

2020.04.18 10:08:18 LOG7[main]: Compression disabled

2020.04.18 10:08:18 LOG7[main]: No PRNG seeding was required

2020.04.18 10:08:18 LOG6[main]: Initializing service [Service Config]

2020.04.18 10:08:18 LOG7[main]: Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK

2020.04.18 10:08:18 LOG7[main]: TLSv1.3 ciphersuites: TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256

2020.04.18 10:08:18 LOG7[main]: TLS options: 0x02100004 (+0x00000000, -0x00000000)

2020.04.18 10:08:18 LOG7[main]: No certificate or private key specified

 

 

 

2020.04.18 10:08:18 LOG4[main]: Service [Digital-Prod-MTF-FIX-MD] needs authentication to prevent MITM attacks

2020.04.18 10:08:18 LOG5[main]: Configuration successful

2020.04.18 10:08:18 LOG7[main]: Deallocating section defaults

2020.04.18 10:08:18 LOG5[main]: Logging to C:\Users\turnert\AppData\Local\/stunnel.log

2020.04.18 10:08:18 LOG7[main]: Binding service [New Broker FIX Demo-Trading]

2020.04.18 10:08:18 LOG7[main]: Listening file descriptor created (FD=1296)

2020.04.18 10:08:18 LOG7[main]: Setting accept socket options (FD=1296)

2020.04.18 10:08:18 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket

2020.04.18 10:08:18 LOG6[main]: Service [New Broker FIX Demo-Trading] (FD=1296) bound to 127.0.0.1:23471

2020.04.18 10:08:18 LOG7[main]: Binding service [Service Config]

 

 

This message and its attachments are confidential, may not be disclosed or used by any person other than the addressee and are intended only for the named recipient(s). If you are not the intended recipient, please notify the sender immediately and delete any copies of this message.

LMAX Group is the holding company of LMAX Exchange, LMAX Global and LMAX Digital. Our registered address is Yellow Building, 1A Nicholas Road, London W11 4AN.