[stunnel-users] Creating a man in middle attack for legit purposes.

Todd Troutman todd at techlow.com
Wed Mar 16 10:10:22 CET 2005

So I don't normally start off on a list by immediately asking a question 
but I've got a weird one here that's a critical thing
tonight, plus, this might just be entertaining!

Problem : MacOS Panther has horrible performance problems with large 
https web apps.

So I setup Stunnel to take port 80 and run it through the web app on 
443. Provides http from an https server.
On a MacOS client machine I set /etc/hosts to say that 
system.netsuite.com, the web app, is, a handy
FreeBSD 5.3 box running stunnel 4.05

 It  works. Sort of.

Problems - the web app keeps rewriting the url from http to https, 
anytime I click on anything, hmmm.. so I can't make stunnel answer
on 443 because then I'm back to square one. Also, I can't login, the web 
app is giving me a login page as http, but I get a session timeout,please
login again, just repeats, unsure if something in the stunnel config 
should be done to fix that.   Other than that, this is working.

Config is currently this.


Anyway, so is this maybe one of the stranger uses of stunnel, possibly a 
wrong headed and broken way of using it, but oh well.
There goes my plea for some ideas on this one,



More information about the stunnel-users mailing list