[stunnel-users] stunnel-users Digest, Vol 138 / Topic 4: sTunnel http to Apache https?

Hathor27 stunnel at horn-data.ch
Mon Jan 4 22:21:04 CET 2016

Dear Jhon,

Thank you for your fast response.
My target https-server is a Synology DS211+ with Apache 2.2(Unix).
Its VirtualHost config looks like:

<VirtualHost *:443>
  ServerName myhost.mydomain.com
  ServerAlias internal.name.local
  DocumentRoot /somepath/not/used/at/all/
  SSLEngine On
  SSLProtocol all -SSLv2 -SSLv3  # TLSv1 or higher
  SSLProxyEngine On
  ProxyRequests On
  ProxyBadHeader Ignore
  ProxyVia Full
  AllowCONNECT myInternalPort
  <Proxy *>
    Order deny,allow
    Deny from all
  <ProxyMatch (internal\.name\.local)>
    Order allow,deny
    Allow from all
  LogLevel debug
  ErrorLog /logpath/sshserver-proxy_error_log
  CustomLog /logpath/sshserver-proxy_request_log combined

The sTunnel client config on Win7 is:
debug = 7
log = overwrite
output = C:\userpath\stunnel\stunnel.log
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
client = yes

accept =
connect = myhost.mydomain.com:443
retry = yes
config = Protocol:ALL
config = Protocol:-SSLv3

As I recognized today, it's not only my Apache server which doesn't accept my sTunnel requests, even the mentioned functional "sTunnel Client to sTunnel Server" gets blocked by the restricted 443 gateway (checks if https) - my sTunnel client request seems to be incompatible to https...

HTH / Best Regards

-----Ursprüngliche Nachricht-----
Von: stunnel-users [mailto:stunnel-users-bounces at stunnel.org] Im Auftrag von stunnel-users-request at stunnel.org
Gesendet: Montag, 4. Januar 2016 12:00
An: stunnel-users at stunnel.org
Betreff: stunnel-users Digest, Vol 138, Issue 2

Send stunnel-users mailing list submissions to
	stunnel-users at stunnel.org

To subscribe or unsubscribe via the World Wide Web, visit
or, via email, send a message with subject or body 'help' to
	stunnel-users-request at stunnel.org

You can reach the person managing the list at
	stunnel-users-owner at stunnel.org

When replying, please edit your Subject line so it is more specific than "Re: Contents of stunnel-users digest..."

Today's Topics:

   1. Re: Help: sTunnel http to Apache https? (Jhon BYaka)


Message: 1
Date: Sun, 03 Jan 2016 19:44:10 +0000
From: Jhon BYaka <byaka.life at gmail.com>
To: Hathor27 <stunnel at horn-data.ch>, stunnel-users at stunnel.org
Subject: Re: [stunnel-users] Help: sTunnel http to Apache https?
	<CAPEyKvrx7rhpUy04y8oCuyfxU89skk8QXg+M4E9aMoHKf6VTdg at mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

what "ssl-protocol" u set in server (ssl2, ssl2, tls) and in stunnel? What "Synology" product u mean?

вс, 3 янв. 2016 г. в 2:16, Hathor27 <stunnel at horn-data.ch>:

> Dear List Members,
> I searched, tried and recovered for several days and found no solution 
> that works…
> My topic is to establish an ssh remote session through a http-proxy 
> (http connect). In case of port restrictions I can only use pure https (443).
> So I try to wrap my http-proxy request into http over ssl (https) and 
> receive it on an Apache https server.
> I can establish a connection between sTunnel Client (Win7 Prof) and 
> sTunnel Server (Synology, Linux), both on 443  –  that works fine.
> But if I try to connect from sTunnel Client (443) to Apache Server 
> https, they seem to speek not the same protocol…
> …are there any examples for that?  –  or are sTunnel and Apache two 
> different things of SSL?
> I would be very glad to get some help here :)
> Best Regards
> Hathor27
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20160103/114fa9ae/attachment-0001.html>


Subject: Digest Footer

stunnel-users mailing list
stunnel-users at stunnel.org


End of stunnel-users Digest, Vol 138, Issue 2

More information about the stunnel-users mailing list