LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 08-02-2012, 10:16 AM   #1
sanjay87
Member
 
Registered: Oct 2011
Posts: 164

Rep: Reputation: Disabled
what is difference major between stunnel & ssl configuration


Hi all
Today to try out something new i tried out stunnel.I had configured ssl configuration in apache & tomcat .But i could find what the major difference between ssl & stunnel.Both perform the same function they encrypt the data flow in internet .


i try out the link an configured stunnel but it deliever error while connecting the server using telnet

http://blog.thesysadmins.co.uk/using...nnections.html


cat /etc/stunnel/stunnel.conf
; Sample stunnel configuration file by Michal Trojnara 2002-2006
; Some options used here may not be adequate for your particular configuration
; Please make sure you understand them (especially the effect of chroot jail)

; Certificate/key is needed in server mode and optional in client mode
cert = /etc/stunnel/stunnel.pem
;key = /etc/stunnel/mail.key

; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /var/run/stunnel/
setuid = nobody
setgid = nobody
; PID is created inside chroot jail
pid = /stunnel.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS

; Authentication stuff
;verify = 2
; Don't forget to c_rehash CApath
; CApath is located inside chroot jail
;CApath = /certs
; It's often easier to use CAfile
;CAfile = /etc/stunnel/certs.pem
;CAfile = /usr/share/ssl/certs/ca-bundle.crt
; Don't forget to c_rehash CRLpath
; CRLpath is located inside chroot jail
;CRLpath = /crls
; Alternatively you can use CRLfile
;CRLfile = /etc/stunnel/crls.pem

; Some debugging stuff useful for troubleshooting
;debug = 7
;output = stunnel.log

; Use it for client mode
client = yes

; Service-level configuration

[pop3s]
accept = 995
connect = 110

[imaps]
accept = 993
connect = 143

[ssmtp]
accept = 465
connect = 25

;[https]
;accept = 443
;connect = 80
;TIMEOUTclose = 0

[www]
accept = 80
connect = 10.200.2.36:8080

; vim:ft=dosini
[root@node01 ~]#



telnet 10.200.2.36:80
10.200.2.36:80/telnet: Name or service not known
 
Old 08-03-2012, 06:39 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
what are you actually asking?

SSL is a mechanism for encrypting a data stream (or other forms of data)

stunnel is a tool which provide noddy proxying to encrypt and decrypt SSL.

stunnel is amazingly useful, but should not really be a long term solution to anything.

as for the telnet command, you need a space between the ip and port, not a colon.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
DISCUSSION: SSL-Encrypting Syslog via Stunnel rgerhards LinuxAnswers Discussion 2 05-08-2012 08:37 AM
[SOLVED] stunnel configuration eroor jsaravana87 Linux - Server 1 02-01-2012 04:48 AM
LXer: Stunnel - Universal SSL tunnel for network daemons LXer Syndicated Linux News 0 11-21-2011 12:10 PM
mysql times out over ssl with stunnel abefroman Linux - Software 1 02-13-2010 10:19 PM
Stunnel and Postfix SSL Setup metallica1973 Linux - Networking 2 02-22-2009 11:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 09:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration