[stunnel-users] Connect using TLS with public Web Server

Peter Pentchev roam at ringlet.net
Mon Mar 5 13:22:40 CET 2018

On Mon, Mar 05, 2018 at 12:32:41PM +0100, Carlos Castro wrote:
> Hello ,
> Thanks @Peter
> I'm trying to configure to connect with my PC to this Public server
> https://ctm.omgeo.net using TLS1.2 but i don't can.
> I'm need setup stunnel for old application doesn't support TLS , and this
> application need connect with this public server to send data.
> I'm using the Peter config , but nothing . I try this config :
> [omgeo]
> client = yes
> accept =
> connect = ctm.omgeo.net:443
> verify = 2
> CApath = /etc/ssl/certs/
> I'm using Curl to try connect  , I'm recive this error
> /etc/ssl/certs# curl -v

Maybe I'm reading this wrong, but if your client application does not
support TLS, then it won't speak HTTPS, it would speak plain HTTP.
That's what the configuration you're using does - it tells stunnel to
run in client mode, i.e. something will connect to stunnel using
an unencrypted connection and stunnel will connect to a TLS server
(in this case an HTTPS server).

So what happens when you try almost the same query, but with the "http"
scheme instead of the "https" one?

  curl -v


Peter Pentchev  roam at ringlet.net roam at FreeBSD.org pp at storpool.com
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20180305/d39f7fa1/attachment.sig>

More information about the stunnel-users mailing list