Thank you to everyone who responded - it works now ! Tom
Sent from my iPhone > On 5 May 2017, at 06:35, Chris Chia <[email protected]> wrote: > > This is ours : > > > [ALMA - SIP] > key = client.pem > cert = client.pem > accept = 6443 > connect = xxxx.xxxxxx.exlibrisgroup.com:6443 > TIMEOUTclose = 0 > TIMEOUTconnect = 200 > TIMEOUTidle = 86400 > ; > > From: stunnel-users [mailto:[email protected]] On Behalf Of > Tomas Martinez > Sent: Thursday, May 4, 2017 9:52 PM > To: [email protected] > Subject: [stunnel-users] Question regarding setup > > Hello All, > > > I am trying to set up stunnel so i can access my IIS static website > (http://localhost) > I want to access it via 'https://localhost:443'. > > Here is my conf file : > > [https] > client= yes > accept = 443 > connect = 80 > debug = 7 > sslVersion = all > cert = D:\stunnel\config\cert.pfx > > and here is the errors I am getting : > > 2017.05.04 12:41:01 LOG5[main]: UTF-8 byte order mark detected > 2017.05.04 12:41:01 LOG5[main]: FIPS mode disabled > 2017.05.04 12:41:01 LOG4[main]: Service [https] needs authentication to > prevent MITM attacks > 2017.05.04 12:41:01 LOG5[main]: Configuration successful > 2017.05.04 12:41:14 LOG7[80]: Service [https] started > 2017.05.04 12:41:14 LOG7[80]: Option TCP_NODELAY set on local socket > 2017.05.04 12:41:14 LOG5[80]: Service [https] accepted connection from > 127.0.0.1:54417 > 2017.05.04 12:41:14 LOG6[80]: s_connect: connecting 127.0.0.1:80 > 2017.05.04 12:41:14 LOG7[80]: s_connect: s_poll_wait 127.0.0.1:80: waiting 10 > seconds > 2017.05.04 12:41:14 LOG7[81]: Service [https] started > 2017.05.04 12:41:14 LOG7[81]: Option TCP_NODELAY set on local socket > 2017.05.04 12:41:14 LOG5[81]: Service [https] accepted connection from > 127.0.0.1:54419 > 2017.05.04 12:41:14 LOG6[81]: s_connect: connecting 127.0.0.1:80 > 2017.05.04 12:41:14 LOG7[81]: s_connect: s_poll_wait 127.0.0.1:80: waiting 10 > seconds > 2017.05.04 12:41:14 LOG5[81]: s_connect: connected 127.0.0.1:80 > 2017.05.04 12:41:14 LOG5[81]: Service [https] connected remote server from > 127.0.0.1:54420 > 2017.05.04 12:41:14 LOG7[81]: Option TCP_NODELAY set on remote socket > 2017.05.04 12:41:14 LOG7[81]: Remote descriptor (FD=552) initialized > 2017.05.04 12:41:14 LOG6[81]: SNI: sending servername: localhost > 2017.05.04 12:41:14 LOG6[81]: Peer certificate not required > 2017.05.04 12:41:14 LOG7[81]: TLS state (connect): before/connect > initialization > 2017.05.04 12:41:14 LOG7[81]: TLS state (connect): SSLv2/v3 write client > hello A > 2017.05.04 12:41:14 LOG3[81]: SSL_connect: 140770FC: error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol > 2017.05.04 12:41:14 LOG5[81]: Connection reset: 0 byte(s) sent to TLS, 0 > byte(s) sent to socket > 2017.05.04 12:41:14 LOG7[81]: Deallocating application specific data for addr > index > 2017.05.04 12:41:14 LOG7[81]: Remote descriptor (FD=552) closed > 2017.05.04 12:41:14 LOG7[81]: Local descriptor (FD=480) closed > 2017.05.04 12:41:14 LOG7[81]: Service [https] finished (1 left) > 2017.05.04 12:41:14 LOG5[80]: s_connect: connected 127.0.0.1:80 > 2017.05.04 12:41:14 LOG5[80]: Service [https] connected remote server from > 127.0.0.1:54418 > 2017.05.04 12:41:14 LOG7[80]: Option TCP_NODELAY set on remote socket > 2017.05.04 12:41:14 LOG7[80]: Remote descriptor (FD=304) initialized > 2017.05.04 12:41:14 LOG6[80]: SNI: sending servername: localhost > 2017.05.04 12:41:14 LOG6[80]: Peer certificate not required > 2017.05.04 12:41:14 LOG7[80]: TLS state (connect): before/connect > initialization > 2017.05.04 12:41:14 LOG7[80]: TLS state (connect): SSLv2/v3 write client > hello A > 2017.05.04 12:41:14 LOG3[80]: SSL_connect: 140770FC: error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol > 2017.05.04 12:41:14 LOG5[80]: Connection reset: 0 byte(s) sent to TLS, 0 > byte(s) sent to socket > 2017.05.04 12:41:14 LOG7[80]: Deallocating application specific data for addr > index > 2017.05.04 12:41:14 LOG7[80]: Remote descriptor (FD=304) closed > 2017.05.04 12:41:14 LOG7[80]: Local descriptor (FD=496) closed > 2017.05.04 12:41:14 LOG7[80]: Service [https] finished (0 left) > 2017.05.04 12:41:14 LOG7[82]: Service [https] started > 2017.05.04 12:41:14 LOG7[82]: Option TCP_NODELAY set on local socket > 2017.05.04 12:41:14 LOG5[82]: Service [https] accepted connection from > 127.0.0.1:54422 > 2017.05.04 12:41:14 LOG6[82]: s_connect: connecting 127.0.0.1:80 > 2017.05.04 12:41:14 LOG7[82]: s_connect: s_poll_wait 127.0.0.1:80: waiting 10 > seconds > 2017.05.04 12:41:14 LOG5[82]: s_connect: connected 127.0.0.1:80 > 2017.05.04 12:41:14 LOG5[82]: Service [https] connected remote server from > 127.0.0.1:54423 > 2017.05.04 12:41:14 LOG7[82]: Option TCP_NODELAY set on remote socket > 2017.05.04 12:41:14 LOG7[82]: Remote descriptor (FD=304) initialized > 2017.05.04 12:41:14 LOG6[82]: SNI: sending servername: localhost > 2017.05.04 12:41:14 LOG6[82]: Peer certificate not required > 2017.05.04 12:41:14 LOG7[82]: TLS state (connect): before/connect > initialization > 2017.05.04 12:41:14 LOG7[82]: TLS state (connect): SSLv2/v3 write client > hello A > 2017.05.04 12:41:14 LOG3[82]: SSL_connect: 140770FC: error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol > 2017.05.04 12:41:14 LOG5[82]: Connection reset: 0 byte(s) sent to TLS, 0 > byte(s) sent to socket > 2017.05.04 12:41:14 LOG7[82]: Deallocating application specific data for addr > index > 2017.05.04 12:41:14 LOG7[82]: Remote descriptor (FD=304) closed > 2017.05.04 12:41:14 LOG7[82]: Local descriptor (FD=544) closed > 2017.05.04 12:41:14 LOG7[82]: Service [https] finished (0 left) > 2017.05.04 12:41:14 LOG7[83]: Service [https] started > 2017.05.04 12:41:14 LOG7[83]: Option TCP_NODELAY set on local socket > 2017.05.04 12:41:14 LOG5[83]: Service [https] accepted connection from > 127.0.0.1:54425 > 2017.05.04 12:41:14 LOG6[83]: s_connect: connecting 127.0.0.1:80 > 2017.05.04 12:41:14 LOG7[83]: s_connect: s_poll_wait 127.0.0.1:80: waiting 10 > seconds > 2017.05.04 12:41:14 LOG5[83]: s_connect: connected 127.0.0.1:80 > 2017.05.04 12:41:14 LOG5[83]: Service [https] connected remote server from > 127.0.0.1:54426 > 2017.05.04 12:41:14 LOG7[83]: Option TCP_NODELAY set on remote socket > 2017.05.04 12:41:14 LOG7[83]: Remote descriptor (FD=540) initialized > 2017.05.04 12:41:14 LOG6[83]: SNI: sending servername: localhost > 2017.05.04 12:41:14 LOG6[83]: Peer certificate not required > 2017.05.04 12:41:14 LOG7[83]: TLS state (connect): before/connect > initialization > 2017.05.04 12:41:14 LOG7[83]: TLS state (connect): SSLv2/v3 write client > hello A > 2017.05.04 12:41:14 LOG3[83]: SSL_connect: 140770FC: error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol > 2017.05.04 12:41:14 LOG5[83]: Connection reset: 0 byte(s) sent to TLS, 0 > byte(s) sent to socket > 2017.05.04 12:41:14 LOG7[83]: Deallocating application specific data for addr > index > 2017.05.04 12:41:14 LOG7[83]: Remote descriptor (FD=540) closed > 2017.05.04 12:41:14 LOG7[83]: Local descriptor (FD=488) closed > 2017.05.04 12:41:14 LOG7[83]: Service [https] finished (0 left) > 2017.05.04 12:41:14 LOG7[84]: Service [https] started > 2017.05.04 12:41:14 LOG7[84]: Option TCP_NODELAY set on local socket > 2017.05.04 12:41:14 LOG5[84]: Service [https] accepted connection from > 127.0.0.1:54427 > 2017.05.04 12:41:14 LOG6[84]: s_connect: connecting 127.0.0.1:80 > 2017.05.04 12:41:14 LOG7[84]: s_connect: s_poll_wait 127.0.0.1:80: waiting 10 > seconds > 2017.05.04 12:41:14 LOG5[84]: s_connect: connected 127.0.0.1:80 > 2017.05.04 12:41:14 LOG5[84]: Service [https] connected remote server from > 127.0.0.1:54428 > 2017.05.04 12:41:14 LOG7[84]: Option TCP_NODELAY set on remote socket > 2017.05.04 12:41:14 LOG7[84]: Remote descriptor (FD=304) initialized > 2017.05.04 12:41:14 LOG6[84]: SNI: sending servername: localhost > 2017.05.04 12:41:14 LOG6[84]: Peer certificate not required > 2017.05.04 12:41:14 LOG7[84]: TLS state (connect): before/connect > initialization > 2017.05.04 12:41:14 LOG7[84]: TLS state (connect): SSLv2/v3 write client > hello A > 2017.05.04 12:41:14 LOG3[84]: SSL_connect: 140770FC: error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol > 2017.05.04 12:41:14 LOG5[84]: Connection reset: 0 byte(s) sent to TLS, 0 > byte(s) sent to socket > 2017.05.04 12:41:14 LOG7[84]: Deallocating application specific data for addr > index > 2017.05.04 12:41:14 LOG7[84]: Remote descriptor (FD=304) closed > 2017.05.04 12:41:14 LOG7[84]: Local descriptor (FD=484) closed > 2017.05.04 12:41:14 LOG7[84]: Service [https] finished (0 left) > > > > I am looking for a basic basic config. > > Can anyone advise why it is not working please. > Is there anything behind the scenes i need to configure? > > Thank You in advanced > > T
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
