[stunnel-users] Using stunnel to add https to a webserver that doesn't have ssl setup

Michael Avanessian mkanet at yahoo.com
Tue Oct 30 20:06:02 CET 2012

Hi there.  I appreciate that you guys are all helping each other out.  I am 
brand new to stunnel.  

Currently,  I'm using stunnel to add https to a webserver that doesn't have ssl  
setup; which works great.  I prefer to do that instead of using the  webserver's 
builtin ssl feature.

Stunnel.conf includes (which adds ssl to incoming http traffic on port 443)
accept  = 443
connect = 80

Also, incoming http:80 traffic can also come in; which would bypass stunnel, and 
go directly to the webserver as http.  

I am trying to make it so when someone visits:
http://mywebsite.com  (it forwards automatically to https://mywebsite.com).

Normally, I could do this a few different ways (provided my webserver had ssl 
added to it natively in a normal way)
1. webserver URL Rewrite plugin
2. webserver redirect plugin
3: <meta http-equiv="refresh" content="0; url=https://mywebsite.com">

For  whatever reason, I'm having all sorts of weird  issues when trying the 
three methods above if I use stunnel for ssl  instead of using the webserver's 
builtin ssl.  The first two methods  result in web browser redirect errors, the 
third method result in an  infinite loop reloading the https website.

Can someone please  tell me what extra accommodation I need to make considering 
that using  stunnel for https can complicate things.

I'm using IIS 7.5 as my  webserver.  I've tried using the the URL rewrite 2.0 
mod using the below  rule (which works for normal builtin ssl support in the 

<rule name="Redirect to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions><add input="{HTTPS}" pattern="^OFF$" />


I have also tried the "http redirect"  mod; which I can forward to any website 
except for the one I'm trying to  do.  Both take me to the https equivalent and 
give a redirect error.

Could someone please be kind enough to tell me what I'm missing?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20121030/33661804/attachment.html>

More information about the stunnel-users mailing list