[stunnel-users] Using stunnel to secure clients instead of servers

Ludolf Holzheid lholzheid at bihl-wiedemann.de
Wed Jan 7 15:31:06 CET 2015


On Wed, 2015-01-07 09:12:39 -0500, Leon Smith wrote:
> Hi,  this may be a slightly unusual request,   but I was curious if stunnel
> could be used for securing clients that do not support TLS,  to connect to
> services that optionally support TLS.
> 
> So,  really,  stunnel already does almost everything that would be needed;
>  except that in this use case,  it would be listening for incoming
> unencrypted connections,  and then serve as a proxy to an encrypted
> connection to the actual service.   While it might be nice to offer
> certificate-based authentication options in this scenario,  it wouldn't be
> necessary for my intended use case,  so stunnel wouldn't need access to any
> private certificates.     However,  certificate pinning would be pretty
> essential to what I have in mind.

Leon,

I'm not sure I understood your request, but isn't 'client = yes' what
you are looking for?

Ludolf


-- 

Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
 
Tel: +49 621 33996-0
Fax: +49 621 3392239
 
mailto:lholzheid at bihl-wiedemann.de
http://www.bihl-wiedemann.de
 
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796


More information about the stunnel-users mailing list