Benutzer-Werkzeuge

Webseiten-Werkzeuge


stunnel

stunnel

cert = /var/lib/stunnel4/mhc.im.crt
key = /var/lib/stunnel4/mhc.im.pem

sslVersion = all

chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
pid = /extern.pid

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

verify = 2

CApath = /CA
CAfile = /var/lib/stunnel4/CA/MHC-CA.crt
session = 86400

debug = 7
output = /var/log/stunnel4/extern.log

[https]
accept  = 443
connect = 127.0.0.1:8443

--sslVersion = SSLv3
sslVersion = all

; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
; PID is created inside chroot jail
pid = /intern.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

verify = 0

; Some debugging stuff useful for troubleshooting
;--
debug = 7
output = /var/log/stunnel4/intern.log

; Use it for client mode
client = yes

; Service-level configuration

;[https]
;accept  = 8443
;connect = 172.27.19.1:443
[https]
accept  = 8443
connect = 192.168.100.5:443

mhc.im.crt Server Zertifikat
mhc.im.pem Server Key
MHC-CA.crt Root Zertifikat

cd /var/lib/stunnel
/usr/lib/ssl/misc/c_hash mhc.im.crt
ln -s mhc.im.crt 60275be2.0

stunnel.txt · Zuletzt geändert: 2017/03/17 11:37 von 127.0.0.1