[stunnel-users] stunnel compatibility question

Brian Hatch bri at stunnel.org
Fri May 30 20:14:18 CEST 2008

Right around 2008-05-30 13:51 -0400, Patel Dippen-CDP054 suggested:

> Is the true? I have a similar issue. I have never implemented SSL or
> Stunnel. But, on whatever readup I have done so far, it seems Stunnel is
> a tunneling protocol (IPnIP). So, you do have to have Stunnel on the
> other end to extract the IP packet.

Stunnel puts data inside SSL, inside TCP.  Just like HTTPS is
HTTP (data) inside SSL, inside TCP.

You can think of the cleartext data inside the SSL tunnel for
both of those examples.  Yes, the data needs to be extracted
from the SSL stream in both cases, but the application that gets
it doesn't need to know diddly about it.

> I mean if you are saying it will work, that's great news for me.

It works if Stunnel is on one side and an SSL client or server
is on the other side.

> Our Server will have OpenSSL implementation but we plan to deploy
> Stunnel on the Client machine.

That's what Stunnel is for.

Brian Hatch                  "Sorry, sorry,
   Systems and                sorry, much apologizings."
   Security Engineer

Every message PGP signed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080530/5eded01e/attachment.sig>

More information about the stunnel-users mailing list