Darren J Moffat wrote:
> When stunnel is used to provide a SSL protected system service on a
> well known port, the stunnel command needs to be started by a
> privileged user. It should be started when the system boots, for this
> reason a Solaris specific smf(5) manifest is provided to enable a
> stunnel service.
>
> The svc:/network/stunnel:default service is disabled by default because
> it requires configuration before use. A sample configuration file is
> also provided.
>
I would recommend changing the FMRI to
svc:/network/ssl/stunnel:default
since kernel SSL (KSSL) added network/ssl.
BTW, stunnel is a nice complement to kernel SSL because it can do client
side SSL. kernel SSL gives better performance on the server side
where performance is more important.
-Krishna
