kenneho 02-06-2009 05:53 AM

Why does TLS port accept both TLS and plain TCP?
Hi all.

I've set up stunnel (i.e. the universal TLS tunnel) listening on port X on a server. It seems to me like the port accepts both TLS connections as well as regular TCP connections (not running under TLS), and I'm not sure why this works.

Does anyone know why both TLS and normal TCP traffic is accepted at this port? I know that TLS is run over TCP in the first place, so I'm guessing it has something to do with this.


acid_kewpie 02-06-2009 06:12 AM

stunnel can be used in many, many ways; can you show us how you're using it? AFAIR you can configure stunnel to allow plain connections where ideally a TLS encrypted connection is desired.

kenneho 02-06-2009 08:50 AM

I'm setting up rsyslog to tunnel syslog-messages via TLS to the loghost.
This is the config file I'm using - found it in the rsyslog documentation:

; Certificate/key is needed in server mode
cert = /etc/stunnel/stunnel.pem

; Some debugging stuff useful for troubleshooting
debug = 7

accept  = 60514
connect = 61514

Don't see anything about allowing plain TCP, so I'm guessing it is the default or something.

acid_kewpie 02-06-2009 10:52 AM

So how is this being used?? This is the server side? What is connecting to this?

kenneho 02-08-2009 08:30 AM

Ah, I think I've got this the wrong way.... The rsyslog server listens to both rsyslog traffic (TCP) and stunnel traffic, on separate ports naturally. In my tests I directed plain TCP traffic to the rsyslog TCP port, not the stunnel port. That explains why things seemed to work even when I thought I directed TCP traffic to the stunnel port. My bad. :)
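
Added example, not part of the original thread or of the rsyslog/stunnel documentation: one way to confirm which kind of traffic actually reaches each port is to classify the first payload bytes of each TCP connection (for instance taken from a packet capture) as a TLS ClientHello or a plain syslog frame. It assumes, from the config above, that 60514 (stunnel `accept`) should only see TLS and 61514 (stunnel `connect` target) should only see plain syslog; the function names and sample bytes are constructed for illustration.

```python
import re
import struct

# Assumption taken from the stunnel config quoted in the thread.
EXPECTED = {60514: "tls", 61514: "syslog-plain"}

# Syslog frames start with a priority such as "<34>", optionally preceded
# by an octet count when octet-counted framing (RFC 6587) is in use.
SYSLOG_PRI = re.compile(rb"^(?:\d+ )?<(\d{1,3})>")

def classify_first_bytes(data: bytes) -> str:
    """Return 'tls', 'syslog-plain' or 'unknown' for the start of a TCP stream."""
    if len(data) >= 6:
        ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
        # TLS record header: content type 22 (handshake), version 3.x,
        # plausible record length, then handshake type 1 (ClientHello).
        if (ctype == 22 and major == 3 and minor <= 4
                and 0 < length <= 2**14 and data[5] == 1):
            return "tls"
    m = SYSLOG_PRI.match(data)
    if m and int(m.group(1)) <= 191:  # max PRI = facility 23 * 8 + severity 7
        return "syslog-plain"
    return "unknown"

def mismatches(observations):
    """observations: iterable of (dst_port, first_payload_bytes).
    Returns (port, expected, seen) for every connection on a known port
    whose first bytes do not match what that port should receive."""
    out = []
    for port, payload in observations:
        seen = classify_first_bytes(payload)
        if port in EXPECTED and seen != EXPECTED[port]:
            out.append((port, EXPECTED[port], seen))
    return out

# Constructed samples: start of a ClientHello record and a plain syslog line.
HELLO = bytes.fromhex("16030100c8010000c40303")
PLAIN = b"<34>Feb  6 05:53:00 host app: test message\n"
SAMPLE = [(60514, HELLO), (61514, PLAIN), (60514, PLAIN)]

if __name__ == "__main__":
    for port, expected, seen in mismatches(SAMPLE):
        print(f"port {port}: expected {expected}, saw {seen}")
```
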
