stunnel | Simple SOCKS5/HTTP tunnel | Proxy library
kandi X-RAY | stunnel Summary
kandi X-RAY | stunnel Summary
Simple SOCKS5/HTTP tunnel
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of stunnel
stunnel Key Features
stunnel Examples and Code Snippets
Community Discussions
Trending Discussions on stunnel
QUESTION
I am trying to create a single TLS connection from a client to a server. Inside this tunnel, I would like to have two different types of streams: HTTPS traffic that I want the server to forward to a specific API server, and OpenVPN traffic(which is a combination of TLS and a TCP data stream). I am looking into WebSocket to do so, but can't find information on how to forward the stream to the correct destination (OpenVPN vs HTTPS API server) once it reaches my server. Is WebSocket a good solution for this? Is stunnel a better option? Are there existing solutions that offer this functionality?
...ANSWER
Answered 2021-Jun-14 at 06:54I've ended up solving this using SSLH and ghostunnel: on the client, I have started a ghostunnel listening on 127.0.0.1:8443 and forwarding the TLS-wrapped traffic towards a ghostunnel server I have in the cloud (listening on 443). I have directed my OpenVPN client to connect to 127.0.0.1:8443. I have also directed my HTTPS client to connect to 127.0.0.1:8443. On the server side, the traffic coming out of the ghostunnel server is funnelled into an SSLH server which in turn has two rules: forward TLS traffic to my webserver, and OpenVPN towards my OpenVPN server. The solution works great!
QUESTION
i have a problem with a script, when is executed from cron the script does not work as expected but when i execute it from ssh it runs as is supposed.
Setup: QNAP NAS
The script that i'm trying to run:
...ANSWER
Answered 2021-Mar-26 at 12:08The fix to my issue was to set the full path to docker. e.g:
QUESTION
Using sTunnel
with QuickFix C++: To login to the LMAX UAT over SSL-internet
and send FIX 4.2
messages over a TCP connection. Another similar SO question can be found here, but doesn't appear to solve this particular issue.
OS: Ubuntu 19.10 | sTunnel version: 5.55 | Engine: quickfix-1.15.1 | Venue: LMAX [UAT-LD4]
Problem:Cannot login to the UAT. After starting sTunnel
and then running the client application which first sends a LOGON
message, no authentication is received. LMAX have said the client server public IP addr has been whitelisted.
*Configs found further below. When trying to login:
...ANSWER
Answered 2021-Feb-11 at 14:19SOLUTION:
It appeared that indeed the IP address (as helpfully noted by @Christoph John) had not been correctly whitelisted by the server-side.
However, the problem persisted. In the sTunnel configuration, I had to change sslVersion = TLSv1.1
to sslVersion = TLSv1.2
.
As well as this, it appears that the UAT would not accept FIX 4.2
messages. After changing the protocol version to FIX 4.4
, I could finally LOGON
to the UAT.
QUESTION
I have a cron job that runs dehydrated to renew Let's Encrypt certificates on my QNAP webserver.
I want it to fetch the current vhosts file that is generated by QNAP, get the section for the actual site, and then replace that information with correct certificate data.
Here is a section of the vhosts-file:
...ANSWER
Answered 2021-Jan-07 at 14:56Try this:
QUESTION
i'm working on a chat application using django Channels
and reconnecting-web-socket the app works fine locally but when deployed to heroku
the site works fine but the web socket closes before connection is established and sometimes it works fine.
it tries to connect and says websocket open and established
...ANSWER
Answered 2020-Nov-21 at 15:06the problem was in reconnecting-web-socket.min.js changing
QUESTION
!!JUST WRITING THIS POST SO THAT SOMEONE CAN SAVE HOURS IN THIS!!
I tried a hell lot to install this "stunnel" but was unable to do so I was in my cpanel's terminal
What I tried all with 'sudo'
...ANSWER
Answered 2020-Oct-27 at 19:32I searched everywhere but I didn't find it so I tried it myself and it worked
Hope this may help others who are stuck with this in their cpanel RHEL FEDDORA CENTOS
What I did is this:
Open Terminal from Cpanel and run this
QUESTION
I'm trying to figure out the way docker handles commands presented to it.
For example if I run this the JS app starts fine.
...ANSWER
Answered 2020-Sep-16 at 19:51Either &&
or ;
between command, shell will execute in order. So, the first command needs to finish first and then the subsequent command run.
BUT you call nginx -g 'daemon off;'
will make it run in the foreground. Therefore, it is never finished running. The commands follows won't run.
However, I am still not sure why stunnel; nginx; cd /video_recordings/voddirectory; pm2 start app.js; pm2 startup;
does not run as the normal behaviour of Nginx should go background.
QUESTION
I would like to set up a basic 3-node Redis Sentinel setup using the new TLS features of Redis 6. Unfortunately, it doesn't seem like Redis 6 Sentinel is smart enough to speak TLS to clients.
Does anyone know of a way to do this, or if it's not possible, if there are any mentions online about adding support for this in the future? It seems a shame to have these nice TLS features and not be able to use them with Redis' own tools.
I am aware that in the past people have used Stunnel to do this. With TLS support added to Redis, I am only interested in doing this if it can be done without third party addtions.
My setup:
3 Redis servers (6.0-rc, last pulled last week), running TLS with the test certs as specified in the Redis docs - one master and 2 replicas
3 Sentinels (6.0-rc, also last pulled last week), not running TLS on their ports (I would like to, but that's a secondary problem)
What I've Tried:
Pointing Sentinel to the Redis TLS port - this results in lots of TLS errors in Redis' logs about incorrect TLS version received, as Sentinel is not speaking TLS to Redis. Since it fails, Sentinel thinks the master is down.
Adding "https://" in the Sentinel config in front of the master IP - this results in Sentinel refusing to run, saying it can't find the master hostname.
Adding TLS options to Sentinel - this results in Sentinel trying to talk TLS on its ports, but not to clients, which doesn't help. I couldn't find any options specifically about making Sentinel speak TLS to clients.
Pointing Sentinel to the Redis not-TLS port (not ideal, I would rather only have the TLS port open) - this results in Sentinel reporting the wrong (not-TLS) port for the master to the simple Python client I'm testing with (it literally just tries to get master info from Sentinel) - I want the client to talk to Redis over TLS for obvious reasons
Adding the "replica-announce-port" directive to Redis with Sentinel still pointed to the not-TLS port - this fails in 2 ways: the master port is still reported incorrectly as the not-TLS port (seems to be because the master is not a replica and so the directive does not apply), and Sentinel now thinks the replicas are both down (because the TLS port is reported, replicas are auto discovered, and it can't speak to the replicas on the TLS port).
I am aware of this StackOverflow question (Redis Sentinel and TLS) - it is old and asks about Redis 4, so it's not the same.
...ANSWER
Answered 2020-May-25 at 13:01Try to add tls-port option to the sentinel.conf as it seems to enable TLS support in general and the same is stated in documentation. For me the below two statements added to sentinel.conf on a top of the rest of TLS configuration actually made the trick.
tls-port 26379
port 0
QUESTION
In a TLS communication I always thought the server would send the public certificate to the client during the handshake process.
However, I received a request from a provider asking us to manually install a certificate in order to initiate a TLS communication with one of their STunnel server.
I'm a bit confuse by this request. Is there's a situation where TLS server would not be able to send the certificate to the client and therefore required a manuel certificate installation?
...ANSWER
Answered 2020-May-01 at 19:57There are two cases where a certificate installation is needed on the client side:
- The server is using a certificate not issued by a public CA, i.e. self-signed or issued by a private CA. In this case the client must import the certificate or CA up front and install it as trusted.
- The server is requiring client authentication based on certificates, i.e. not only the server authenticates to the client with a certificate but also the client to the server (instead or additionally to typical passwords). In this case the client has to get a client certificate and matching key and import so that it can be used for authentication.
It is unclear which of these cases is the one you are dealing with.
QUESTION
I've got a dropwizard app, which runs fine with the standard JRE.
I've tried creating a runtime using jlink which is considerably smaller:
...ANSWER
Answered 2019-Apr-04 at 14:26As rich mentions in a comment
Hmmn. If I add jdk.crypto.ec it works - why would jdeps have left that one out, if that one, would there be any others it's left out?
adding jdk.crypto.ec to the modules list solved the problem.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install stunnel
Rust is installed and managed by the rustup tool. Rust has a 6-week rapid release process and supports a great number of platforms, so there are many builds of Rust available at any time. Please refer rust-lang.org for more information.
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page