Dear Jhon,
Thank you for your fast response.
My target https-server is a Synology DS211+ with Apache 2.2(Unix).
Its VirtualHost config looks like:
<VirtualHost *:443>
ServerName myhost.mydomain.com
ServerAlias internal.name.local
DocumentRoot /somepath/not/used/at/all/
SSLEngine On
SSLProtocol all -SSLv2 -SSLv3 # TLSv1 or higher
SSLProxyEngine On
ProxyRequests On
ProxyBadHeader Ignore
ProxyVia Full
AllowCONNECT myInternalPort
<Proxy *>
Order deny,allow
Deny from all
</Proxy>
<ProxyMatch (internal\.name\.local)>
Order allow,deny
Allow from all
</ProxyMatch>
LogLevel debug
ErrorLog /logpath/sshserver-proxy_error_log
CustomLog /logpath/sshserver-proxy_request_log combined
</VirtualHost>
The sTunnel client config on Win7 is:
debug = 7
log = overwrite
output = C:\userpath\stunnel\stunnel.log
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
client = yes
[http-2-ssl]
accept = 127.0.0.1:80
connect = myhost.mydomain.com:443
retry = yes
config = Protocol:ALL
config = Protocol:-SSLv3
As I recognized today, it's not only my Apache server which doesn't accept my
sTunnel requests, even the mentioned functional "sTunnel Client to sTunnel
Server" gets blocked by the restricted 443 gateway (checks if https) - my
sTunnel client request seems to be incompatible to https...
HTH / Best Regards
Hathor27
-----Ursprüngliche Nachricht-----
Von: stunnel-users [mailto:[email protected]] Im Auftrag von
[email protected]
Gesendet: Montag, 4. Januar 2016 12:00
An: [email protected]
Betreff: stunnel-users Digest, Vol 138, Issue 2
Send stunnel-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific than "Re:
Contents of stunnel-users digest..."
Today's Topics:
1. Re: Help: sTunnel http to Apache https? (Jhon BYaka)
----------------------------------------------------------------------
Message: 1
Date: Sun, 03 Jan 2016 19:44:10 +0000
From: Jhon BYaka <[email protected]>
To: Hathor27 <[email protected]>, [email protected]
Subject: Re: [stunnel-users] Help: sTunnel http to Apache https?
Message-ID:
<capeykvrx7rhpuy04y8ocuyfxu89skk8qxg+m4e9amohkf6v...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
what "ssl-protocol" u set in server (ssl2, ssl2, tls) and in stunnel? What
"Synology" product u mean?
вс, 3 янв. 2016 г. в 2:16, Hathor27 <[email protected]>:
> Dear List Members,
>
>
>
> I searched, tried and recovered for several days and found no solution
> that works…
>
>
>
> My topic is to establish an ssh remote session through a http-proxy
> (http connect). In case of port restrictions I can only use pure https (443).
>
> So I try to wrap my http-proxy request into http over ssl (https) and
> receive it on an Apache https server.
>
>
>
> I can establish a connection between sTunnel Client (Win7 Prof) and
> sTunnel Server (Synology, Linux), both on 443 – that works fine.
>
> But if I try to connect from sTunnel Client (443) to Apache Server
> https, they seem to speek not the same protocol…
>
>
>
> …are there any examples for that? – or are sTunnel and Apache two
> different things of SSL?
>
>
>
> I would be very glad to get some help here :)
>
>
>
> Best Regards
>
> Hathor27
> _______________________________________________
> stunnel-users mailing list
> [email protected]
> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.stunnel.org/pipermail/stunnel-users/attachments/20160103/114fa9ae/attachment-0001.html>
------------------------------
Subject: Digest Footer
_______________________________________________
stunnel-users mailing list
[email protected]
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
------------------------------
End of stunnel-users Digest, Vol 138, Issue 2
*********************************************
_______________________________________________
stunnel-users mailing list
[email protected]
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
