[stunnel-users] Windows 7 connection to HTTPS server

josealf at rocketmail.com josealf at rocketmail.com
Sun Jul 10 13:45:12 CEST 2011


The certificates setup has been clarified in this list before. For me, the easiest way is to put individual CA (Certificate Authority) certificates (root and intermediate)  in a directory,  point stunnel to it, and run c_rehash to create the links...ah, but your're on windows. That creates a small problem, because most likely you won't have the support files handy (openssl.exe, c_rehash.pl, perl). So it's probably easier for you create a bundle text file with all  required CA certificates in PEM format and point stunnel to it with the CAfile directive. You can find examples in the web.

Regards,
Jose
-----Original Message-----
From: "Daniel Pierce" <dpierce at xpertassist.com>
Date: Sat, 9 Jul 2011 21:36:39 
To: <josealf at rocketmail.com>; <stunnel-users-bounces at stunnel.org>; <stunnel-users at stunnel.org>
Subject: RE: [stunnel-users] Windows 7 connection to HTTPS server

Jose,

Thanks for your recommendation.  I set verify = 0 and the connection started
to work.  Must be a certificate issue.

Based on the documentation I didn't define the value because it says 

verify = level

    verify peer certificate

    level 1 - verify peer certificate if present
    level 2 - verify peer certificate
    level 3 - verify peer with locally installed certificate
    default - no verify

Thanks again.
Dan

-----Original Message-----
From: josealf at rocketmail.com [mailto:josealf at rocketmail.com] 
Sent: Saturday, July 09, 2011 4:29 PM
To: Daniel Pierce; stunnel-users-bounces at stunnel.org;
stunnel-users at stunnel.org
Subject: Re: [stunnel-users] Windows 7 connection to HTTPS server

Daniel,

If you have an https web server, do you really need stunnel to connect to
it? Most likely you don't.
If you want to do GETs and POSTs you can do it with curl. You don't need
stunnel in the middle.

If your stunnel is listening in port 3600 in client mode it expects a clear
text connection, not an SSL one. That is, you should do
http://localhost:3600/whatever, not https://localhost:3600/what ever. Try
with verify=0 in the stunnel.conf to see if you get a connection.



Regards,

Jose
-----Original Message-----
From: "Daniel Pierce" <dpierce at xpertassist.com>
Sender: stunnel-users-bounces at stunnel.org
Date: Fri, 8 Jul 2011 22:16:24
To: <stunnel-users at stunnel.org>
Subject: [stunnel-users] Windows 7 connection to HTTPS server

_______________________________________________
stunnel-users mailing list
stunnel-users at stunnel.org
http://stunnel.mirt.net/mailman/listinfo/stunnel-users






More information about the stunnel-users mailing list