Stunnel is an open-source multi-platform application used to provide a universal TLS/SSL tunneling service. Stunnel can be used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively. It runs on a variety of operating systems, including most Unix-like operating systems and Windows.

Configure stunnel to provide the client certificate to the LDAP server and configure your client to connect to stunnel. Ideally, you'll run stunnel on the same server(s) as your application and only listen locally so that you don't expose your LDAP directory beyond that server.

Stunnel package

The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote servers. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the program's code.

The app consists of a single activity hosting a WebView. The WebView connects to localhost where a Stunnel proxy (stunnel-client) is waiting to redirect traffic to yet another Stunnel proxy on the server (stunnel-server). The stunnel-server connects to a HomeAssistant server that may or may not be running on the same physical machine.

The port number to listen on (where the stunnel client connects to). For our example we choose 31280 here.

Target hostname. The hostname or IP address of the service to connect to, for this example the internal IP address of the proxy server.

Target port. Port the service uses, in this case it would be 3128 (the default squid proxy port).

Certificate

WARNING: SSLv3 is obsolete. Consider disabling it altogether.

I'm trying to set up Stunnel to serve as an SSL cache. Everything was smooth, and mostly it works as designed.

Jan 31, 2011 · Firstly let's install stunnel on the client machine (in the case of my example this is actually my 'server' machine in Munin, but for example if you wanted to secure SMTP communications this would be the machine sending the emails).

default: yes

retry = yes | no
reconnect a connect+exec section after it was disconnected
default: no

requireCert = yes | no
require a client certificate for verifyChain or verifyPeer
With requireCert set to no, the stunnel server accepts client connections that did not present a certificate.

Re-write address to appear as if wrapped daemon is connecting from the SSL client machine instead of the machine running stunnel. This option is only available in local mode (exec option) by LD_PRELOADing env.so shared library or in remote mode (connect option) on Linux 2.2 kernel compiled with transparent proxy option and then only in server