[stunnel-users] older browsers, stunnel and privoxy

yyy yyy at yyy.id.lv
Thu Dec 13 09:24:23 CET 2018

It cannot be made to work.
TLS termination proxy is type of reverse proxy, proxy behind browser is a 
forward proxy.
Reverse proxy connects to 1 (or small set of) server, defined in proxy 
configuration, client cannot select destination server.
Forward proxy connects to many servers, defined in client connection 
Stunnel does not read contents of request and can connect only to defined 

----- Original Message ----- 
From: "kovacs janos" <kovacsjanosfasz at gmail.com>
To: "Yyy" <yyy at yyy.id.lv>
Cc: <stunnel-users at stunnel.org>
Sent: Wednesday, December 12, 2018 5:56 PM
Subject: Re: [stunnel-users] older browsers, stunnel and privoxy

> anyways, here is an article about what  i need:
> https://en.wikipedia.org/wiki/TLS_termination_proxy
> except it shouldnt pass the unencrypted data to a server but a browser.
> on the same page, stunnel is listed under "Servers capable of acting
> as a TLS/SSL termination proxy".
> i would be grateful if i could finally make this work
> On 12/9/18, kovacs janos <kovacsjanosfasz at gmail.com> wrote:
>> how can i disable verification though? at first i just want to see it
>> work at all.
>> in the howto page, it says this:
>> "
>> Stunnel has 3 methods for checking certificates, which are controlled
>> by the verify option:
>>     *
>>       Do not Verify Certificates
>>           If no verify argument is given, then stunnel will ignore any
>> certificates offered and will allow all connections.
>> "
>> there is no "verify" in the stunnel.conf file, and only the gmail
>> service examples have verifyChain

More information about the stunnel-users mailing list