[stunnel-users] persistent SSL connection

Peter Pentchev roam at ringlet.net
Fri Mar 13 23:34:53 CET 2009

On Fri, Mar 13, 2009 at 01:28:56PM -0700, Dorai Ashok wrote:
> Hi all,
> I was able to setup stunnel between two hosts successfully but the only
> problem I am facing is that, the SSL connection between the two hosts is not
> persistent. For every connection I make to the stunnel client, a new SSL
> connection is established by the stunnel client to the stunnel server.
> Is there a configuration variable in stunnel which can make the SSL
> connection between stunnel client and server persistent ?

I don't think there's a way to do that.  SSL *is* a connection-oriented
protocol - it is meant to authenticate and/or encrypt a single session
between a client and a server.  I don't think that the protocol allows
both the "client" and "server" instances of stunnel (or, for that matter,
any other program that speaks SSL) to negotiate and maintain a multiplex
connection and differentiate between messages from different sessions
that are to be sent to different clients.

Of course, I could be wrong :)


Peter Pentchev	roam at ringlet.net    roam at space.bg    roam at FreeBSD.org
PGP key:	http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint	FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
If I had finished this sentence,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20090314/183a6bda/attachment.sig>

More information about the stunnel-users mailing list