[stunnel-users] (no subject)

Michal Trojnara Michal.Trojnara at mirt.net
Fri Sep 17 09:49:31 CEST 2010

Ludolf Holzheid wrote:
> Sunil Karumuri wrote:
>> Can we configure Stunnel to have only ONE SSL connection (or a pool of
>> connections) between box A and B and have Stunnel use the open
>> for all traffic from various clients ?
> You may also be looking for a VPN solution.

... or just use SSH tunnels instead of SSL encapsulation.

It's not really the matter of specific software (e.g. stunnel), but the
SSL protocol itself.  SSL/TLS is based on 1:1 encapsulation of a data
stream in an SSL connection.  In most cases it's a good idea, e.g. traffic
shapers (in OS kernels or network devices) can see separate data streams
preventing starvation of low-throughput interactive connections.

It's possible to add a multiplexing layer between data streams and SSL. 
That's what so-called "SSL VPNs" do. Please note such an extension would be
proprietary and thus incompatible with any other product.  IMHO
interoperability is a huge advantage of stunnel over various proprietary


More information about the stunnel-users mailing list