[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] stunnel?



It should not be difficult.  I have not generated a certificate yet.  But
you'll have to have stunnel listen to 4 seperate ports.  Usually you would
access a web site with http://www.website.com   with stunnel it is
https://www.website.com  I'm not sure how you would make stuneel go to 4
different IPs.  But stunnel does not have to be on the webserver so it
should help with the firewall issues.  I do not use a config.  I jsut use
command line parameters.

Chris


-----Original Message-----
From: Robert L. Harris [mailto:Robert.L.Harris at rdlg.net]
To: ale at ale.org
Sent: Thursday, March 07, 2002 4:01 PM
To: Chris Fowler
Cc: Robert L. Harris; ale at ale.org
Subject: Re: [ale] stunnel?




Hope you got a couple mins for a few questions :>

I have 4 servers running a home grown app that talk http.  We want to
put a single server in front of the 4 that'll do the https using
stunnel.  Start 4 stunnel instances on the single server, bind them to 4
diff IP's and forward to the http inside.  It's kinda funky, but it's
because of firewall issues.

Per chance you could show me your config for starting stunnel and your
thoughts on how these 4 would be done, etc?

Thanks,
  Rboert


Thus spake  Chris Fowler (cfowler at outpostsentinel.com):

> I am.  Works great.  Especially on web servers that do not natively
support https.
>
>
> -----Original Message-----
> From: "Robert L. Harris" <Robert.L.Harris at rdlg.net>
> Date: Thu, 7 Mar 2002 13:46:00 -0700
> To: Atlanta Linux Enthusiasts <ale at ale.org>
> Subject: [ale] stunnel?
>
>
> >
> >
> >
> > Anyone using stunnel to provide https support to a http server?
> >
> > :wq!
>
> --------------------------------------------------------------------------
-
> > Robert L. Harris                |  Micros~1 :
> > Senior System Engineer          |    For when quality, reliability
> >   at RnD Consulting             |      and security just aren't
> >                                 \_       that important!
> > DISCLAIMER:
> >       These are MY OPINIONS ALONE.  I speak for no-one else.
> > FYI:
> >  perl -e 'print
$i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
> >
> >
> > ---
> > This message has been sent through the ALE general discussion list.
> > See http://www.ale.org/mailing-lists.shtml for more info. Problems
should be
> > sent to listmaster at ale dot org.
> >
> >
> >
> >
>
> --
>
>
____________________________________________________________________________
____
> Access your POP email anytime, anywhere with WebMail.com
(www.webmail.com), a product of Mail.com.
>
>
>



:wq!
---------------------------------------------------------------------------
Robert L. Harris                |  Micros~1 :
Senior System Engineer          |    For when quality, reliability
  at RnD Consulting             |      and security just aren't
                                \_       that important!
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.
FYI:
 perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.




---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.