[stunnel-users] Windows config with both SSL listen and non-SSLlisten

Michal Trojnara Michal.Trojnara at mobi-com.net
Wed Dec 7 15:03:22 CET 2005


This feature is going to be supported in the next release (4.15).

Your config will look like this:

client = no
accept = 5102
connect = 5010
client = yes
accept = 5101
connect = x.x.x.x:5102

Best regards,


From: stunnel-users-bounces at mirt.net [mailto:stunnel-users-bounces at mirt.net]
On Behalf Of Paul Hethmon
Sent: Wednesday, December 07, 2005 2:50 PM
To: stunnel-users at mirt.net
Subject: [stunnel-users] Windows config with both SSL listen and

I'm trying to set up using the Windows service the ability to listen in SSL
mode on one port (5102) and forward to non-SSL port (5010) and then also
listen on one port (5101) in non-SSL mode and forward to a remote port
(5102) in SSL mode. What I have currently in the config is:
accept = 5102
connect = 5010
accept = 5101
connect = x.x.x.x:5102
The first STunnel example on the website talks about doing this, sort of,
but I don't see any options to specify on a service configuration level
whether the listen port is in SSL or non-SSL mode. The use of a service name
like [pop3] vs [pop3s] seems to imply a difference, but I've got a custom
application I'm trying to tunnel two way, not a standard IETF service.
A perusal of the last year's mailing list archives didn't yield anything. I
guess the next step is to look at the source and see if it's supported
unless someone here can tell me one way or the other. If it's not supported,
I guess I'll add it in.
Paul Hethmon
Senior Engineer
ClareityT Security
SAFEMLST Security Education, Consulting and Solutions
http://www.SAFEMLS.com <http://www.safemls.com/> 
paul.hethmon at callclareity.com
work: 865.671.6630
cell: 865.250.3517

More information about the stunnel-users mailing list