The parameter specifies a comma-separated list of task to be delegated to the current engine. Set OpenSSL tasks delegated to the current engine engineCtrl = COMMANDĬontrol hardware engine engineDefault = TASK_LIST See Examples section for an engine configuration to use the certificate and the corresponding private key from a cryptographic device.
#STUNNEL HTTP SERVER SOFTWARE#
Select hardware or software cryptographic engine EGD = EGD_PATH (Unix only)Įntropy Gathering Daemon socket to use to feed the OpenSSL random number generator. (Facilities are not supported on Win32.)Ĭase is ignored for both facilities and levels. The syslog 'daemon' facility will be used unless a facility name is supplied. Please either use the debug level when requested to do so by an stunnel developer, or when you intend to get confused. This logging level is only meant to be understood by stunnel developers, and not by users. The debug = debug (or the equivalent ) level produces for the most verbose log output. All logs for the specified level and all levels numerically less than it will be shown. Level is one of the syslog level names or numbers emerg (0), alert (1), crit (2), err (3), warning (4), notice (5), info (6), or debug (7). dev/zero or /dev/null.ĭeflate is the standard compression method as described in RFC 1951. Some other functions may need devices, e.g. Local time in log files needs /etc/timezone. Several functions of the operating system also need their files to be located within the chroot jail, e.g.:ĭelayed resolver typically needs /etc/nf and /etc/nf. CApath, CRLpath, pid and exec are located inside the jail and the patches have to be relative to the directory specified with chroot. GLOBAL OPTIONS chroot = DIRECTORY (Unix only)Ĭhroot keeps stunnel in a chrooted jail. '' indicating a start of a service definition.Īn address parameter of an option may be either:Ī colon-separated pair of IP address (either IPv4, IPv6, or domain name) and port number. Reopen the log file of the running NT Service -exit (Win32 only)Įxit an already started stunnel -quiet (Win32 only)ĭon't display any message boxes CONFIGURATION FILEĮach line of the configuration file can be either: Reload the configuration file of the running NT Service -reopen (Windows NT and later only)
Stop NT Service -reload (Windows NT and later only) Start NT Service -stop (Windows NT and later only) Uninstall NT Service -start (Windows NT and later only)
#STUNNEL HTTP SERVER INSTALL#
Install NT Service -uninstall (Windows NT and later only) Print supported TLS options -install (Windows NT and later only) Print stunnel version and compile time defaults -sockets Read the config file from specified file descriptor -help Use specified configuration file -fd N (Unix only) This product includes cryptographic software written by Eric Young OPTIONS FILE Stunnel can be used to add TLS functionality to commonly used Inetd daemons like POP-2, POP-3, and IMAP servers, to standalone daemons like NNTP, SMTP and HTTP, and in tunneling PPP over network sockets without changes to the source code. The concept is that having non-TLS aware daemons running on your system you can easily set them up to communicate with clients over secure TLS channels.
The stunnel program is designed to work as TLS encryption wrapper between remote clients and local ( inetd-startable) or remote servers. Stunnel ] | -help | -version | -sockets | -options DESCRIPTION Stunnel | -fd N | -help | -version | -sockets | -options WIN32: Stunnel - TLS offloading and load-balancing proxy SYNOPSIS Unix:
0 kommentar(er)
