Internet Express for Tru64 UNIX Version 6.10 Administration Guide (5900-1418, March 2011)
21 Stunnel
Stunnel is SSL library that enables users to secure (encrypt) otherwise insecure sessions
Sample client server configuration
Following are the steps for setting up client and server:
1. Create the Stunnel client config file /usr/internet/stunnel/etc/stunnel/
client.conf. Sample client config file is as follows:
cert = /usr/internet/openssl/bin/cacert.pem
key = /usr/internet/openssl/bin/privkey.pem
# Use in client mode
client = yes
pid = /client-stunnel.pid
# setuid = nobody
# setgid = other
debug = 7
output = /client-stunnel.log
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
# Authentication stuff
# verify = 1
# foreground = yes
[ telnet ]
accept = 8060
connect = servermachine:8050
NOTE:
• Where Cert and key path should be same where cert and key get created.
• accept should be the server machine name
2. Create Certificate and key on both client and server machines as follows:
cd /usr/internet/openssl/bin
openssl genrsa -des3 -out privkey.pem 2048
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
3. For starting stunnel on server:
• execute: /usr/internet/stunnel/bin/stunnel /usr/internet/stunnel/bin/server.conf
• To Check the status type:
ps -ef |grep stunnel
4. For starting stunnel on client:
• execute: /usr/internet/stunnel/bin/stunnel /usr/i nternet/stunnel/bin/client.conf
• To Check the status type:
ps -ef |grep stunnel
Sample client server configuration 267