[stunnel-users] Stunnel traffic fails to go via proxy set in winhttp (Windows 10)

Tue, 05 Nov 2019 19:52:47 -0800 

At QUT Library we use Stunnel to encrypt SIP2 (ie. book borrowing) traffic from 
the self-checkout machines through to the Alma library services platform (as 
per https://developers.exlibrisgroup.com/alma/integrations/stunnel/ )

Our self-checkout machines run Windows 10 and are allowed limited internet 
access to two hosts (cloud.fetechgroup.com and ap01.alma.exlibrisgroup.com) via 
our institution's Squid proxy and I have our current WinHTTP proxy settings:

    Proxy Server(s) :  wproxy.qut.edu.au:3128
    Bypass List     :  *.qut.edu.au

The proxy server settings are set for all protocols (HTTP, HTTPS, secure and 
FTP) and I've confirmed that web browser and the FE Technologies software is 
routing via wproxy.qut.edu.au.  However Stunnel is still trying to connect to 
Alma directly.  Our stunnel.conf is as follows (just FYI, the FE Tech software 
points to 127.0.0.1:5001 as our library services platform address):

[KG_Self-Checkout]
key = client.pem
cert = client.pem
client = yes
accept = 127.0.0.1:5001
connect = ap01.alma.exlibrisgroup.com:6443
TIMEOUTclose = 0
TIMEOUTconnect = 200
TIMEOUTidle = 86400
sslVersion = TLSv1.2

Is there a way to force Stunnel to either respect the WinHTTP settings or 
configure it to route traffic to wproxy.qut.edu.au:3128 before initiating the 
connect = hostname:port?

I did try protocolHost as follows, but I'm probably misunderstanding how it 
works https://www.stunnel.org/static/stunnel.html#SERVICE-LEVEL-OPTIONS

[KG_Self-Checkout]
key = client.pem
cert = client.pem
client = yes
accept = 127.0.0.1:5001
connect = wproxy.qut.edu.au:3128
protocolHost = ap01.alma.exlibrisgroup.com:6443
TIMEOUTclose = 0
TIMEOUTconnect = 200
TIMEOUTidle = 86400
sslVersion = TLSv1.2

Any advice or assistance gratefully accepted, and apologies if this is a silly 
question - I'm just a librarian trying to make this thing work.

Thanks,

Jai Parker | Information Access Librarian

QUT Library | Division of Administrative Services
QUT | Kelvin Grove | D Block, Level 1 | Victoria Park Rd Kelvin Grove QLD 4059
P: 07 3138 3381 | E: 
[email protected]<mailto:[email protected]> | 
www.qut.edu.au<http://www.qut.edu.au/>
ABN: 83 791 724 622 | CRICOS No. 00213J


_______________________________________________
stunnel-users mailing list
[email protected]
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users

Reply via email to