[stunnel-users] I am clearly doing something wrong
This is a discussion on [stunnel-users] I am clearly doing something wrong within the Stunnel Users forums, part of the Networking and Network Related category; But I think the documentation has some serious gaps in it, too. I compiled stunnel, installed it, created certificates, and ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-06-2007
|
|||
|
|||
[stunnel-users] I am clearly doing something wrong
But I think the documentation has some serious gaps in it, too.
I compiled stunnel, installed it, created certificates, and even turned on debugging in the configuration file. Now, all I want to do is forward port 443 locally to port 80 elsewhere. Says my config file: cert = /usr/local/etc/stunnel/mail.pem ;key = /usr/local/etc/stunnel/mail.pem ; Protocol version (all, SSLv2, SSLv3, TLSv1) sslVersion = SSLv3 ; Some security enhancements for UNIX systems - comment them out on Win32 chroot = /usr/local/var/lib/stunnel/ setuid = nobody setgid = nogroup ; PID is created inside chroot jail pid = /stunnel.pid ; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 ; Some debugging stuff useful for troubleshooting debug = 7 output = stunnel.log ; Use it for client mode ; client = yes ; Service-level configuration [pop3s] accept = 995 connect = 110 [imaps] accept = 993 connect = 143 [ssmtp] accept = 465 connect = 25 [https] accept = 443 connect = elsewhere.com:80 TIMEOUTclose = 0 and when I run it, it says: sudo /usr/local/sbin/stunnel Password: 2007.01.05 18:51:01 LOG7[13470:2684415368]: Snagged 64 random bytes from /Users/chase/.rnd 2007.01.05 18:51:01 LOG7[13470:2684415368]: Wrote 1024 new random bytes to /Users/chase/.rnd 2007.01.05 18:51:01 LOG7[13470:2684415368]: RAND_status claims sufficient entropy for the PRNG 2007.01.05 18:51:01 LOG7[13470:2684415368]: PRNG seeded successfully 2007.01.05 18:51:01 LOG7[13470:2684415368]: Certificate: /usr/local/ etc/stunnel/mail.pem 2007.01.05 18:51:01 LOG7[13470:2684415368]: Certificate loaded 2007.01.05 18:51:01 LOG7[13470:2684415368]: Key file: /usr/local/etc/ stunnel/mail.pem 2007.01.05 18:51:01 LOG7[13470:2684415368]: Private key loaded 2007.01.05 18:51:01 LOG7[13470:2684415368]: SSL context initialized for service pop3s 2007.01.05 18:51:01 LOG7[13470:2684415368]: Certificate: /usr/local/ etc/stunnel/mail.pem 2007.01.05 18:51:01 LOG7[13470:2684415368]: Certificate loaded 2007.01.05 18:51:01 LOG7[13470:2684415368]: Key file: /usr/local/etc/ stunnel/mail.pem 2007.01.05 18:51:01 LOG7[13470:2684415368]: Private key loaded 2007.01.05 18:51:01 LOG7[13470:2684415368]: SSL context initialized for service imaps 2007.01.05 18:51:01 LOG7[13470:2684415368]: Certificate: /usr/local/ etc/stunnel/mail.pem 2007.01.05 18:51:01 LOG7[13470:2684415368]: Certificate loaded 2007.01.05 18:51:01 LOG7[13470:2684415368]: Key file: /usr/local/etc/ stunnel/mail.pem 2007.01.05 18:51:01 LOG7[13470:2684415368]: Private key loaded 2007.01.05 18:51:01 LOG7[13470:2684415368]: SSL context initialized for service ssmtp 2007.01.05 18:51:01 LOG7[13470:2684415368]: Certificate: /usr/local/ etc/stunnel/mail.pem 2007.01.05 18:51:01 LOG7[13470:2684415368]: Certificate loaded 2007.01.05 18:51:01 LOG7[13470:2684415368]: Key file: /usr/local/etc/ stunnel/mail.pem 2007.01.05 18:51:01 LOG7[13470:2684415368]: Private key loaded 2007.01.05 18:51:01 LOG7[13470:2684415368]: SSL context initialized for service https I see nothing that looks like a complaint, but when I go looking for a stunnel process, there is not one, nor is anyone listening on port 443 at localhost. I cannot be the first person who wanted to do this, but I found both the FAQ and the documentation to be uninformative. How do I keep stunnel running and listening for connections on 443? I tried client=yes, that didn't seem to help. I am running Stunnel 4.20 on MacOS 10.4.8 David Chase _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users 
|
Linear Mode
