[stunnel-users] Connect to web app with weak crypto
pete at yerma.org
Fri Apr 29 11:42:01 CEST 2016
I have a java web app that uses weak crypto. I would like to be able to
access it with a modern browser. Currently the only method that seems to
work is links on freebsd 9.3, all other browsers give errors such as:
Error performing TLS handshake: The Diffie-Hellman prime sent by the server
is not acceptable (not long enough).
Obviously it would be better if this was fixed but it is not something I
have control of.
Would it be possible for me to use stunnel to encapsulate the weak
connection within a stronger one so the browser does not complain?
I have tried this:
; TLS front-end to a web server
client = yes
accept = 443
connect = 192.168.1.5:443
cert = /usr/local/etc/stunnel/stunnel.pem
Which asks me to make an exception for the self signed cert but then
proceeds to fail in same way as before.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the stunnel-users