[stunnel-users] Using stunnel to secure clients instead of servers

Ludolf Holzheid lholzheid at bihl-wiedemann.de
Wed Jan 7 15:31:06 CET 2015

On Wed, 2015-01-07 09:12:39 -0500, Leon Smith wrote:
> Hi,  this may be a slightly unusual request,   but I was curious if stunnel
> could be used for securing clients that do not support TLS,  to connect to
> services that optionally support TLS.
> So,  really,  stunnel already does almost everything that would be needed;
>  except that in this use case,  it would be listening for incoming
> unencrypted connections,  and then serve as a proxy to an encrypted
> connection to the actual service.   While it might be nice to offer
> certificate-based authentication options in this scenario,  it wouldn't be
> necessary for my intended use case,  so stunnel wouldn't need access to any
> private certificates.     However,  certificate pinning would be pretty
> essential to what I have in mind.


I'm not sure I understood your request, but isn't 'client = yes' what
you are looking for?



Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:lholzheid at bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796

More information about the stunnel-users mailing list