On 09/03/2025 23:15, pe...@easthope.ca wrote:
https://wiki.debian.org/Pan . There we read,
To enable Stunnel edit /etc/default/stunnel4
ENABLED=1
/etc/default/stunnel4 exists but lacks ENABLED. My best guess is that
systemd obsoleted it. Stunnel needs https://wiki.debian.org/Stunnel
with
From: Greg Wooledge
Date: Sat, 8 Mar 2025 23:28:24 -0500
> '... the unit definition without the argument parameter is
> called a "template".'
Thanks.
So /lib/systemd/system/stunnel@.service is a service template file
rather than service file.
Here, one exe
On Sunday, 28 May 2023 23:44:38 CEST pe...@easthope.ca wrote:
> The only email address visible is mine and it's correct. What bad
> email address?
You can try to run pan with --debug option in a terminal. Pan output will give
more details on what's going on when sending the mail.
HTH
From: Jeffrey Walton
Date: Fri, 26 May 2023 18:14:11 -0400
> I _think_ you are using Pan in client mode. That is, simply as a reader.
Correct.
> Stunnel makes the request to the NNTP server using TLS.
> So you don't need the server stuff, like a X.509 certificate.
Tha
No problem. I put the two files in /etc/stunnel/.
>
> Then,
> "combine priv.pem with stunnel.pem"
>
> What is meant by combine? Is there a syntax to put the private and
> public keys in one file?
Stepping back, I _think_ you are using Pan in client mode. That is,
simply as a
On Fri, May 26, 2023 at 02:10:15PM -0400, Dan Ritter wrote:
> to...@tuxteam.de wrote:
> > On Fri, May 26, 2023 at 12:05:18PM -0400, Dan Ritter wrote:
> > > > "combine priv.pem with stunnel.pem"
> > > >
> > > > What is meant by combine? Is there a syntax to put the private and
> > > > public key
to...@tuxteam.de wrote:
> On Fri, May 26, 2023 at 12:05:18PM -0400, Dan Ritter wrote:
> > > "combine priv.pem with stunnel.pem"
> > >
> > > What is meant by combine? Is there a syntax to put the private and
> > > public keys in one file?
> >
> > cat priv.pem stunnel.pem > combined.pem
>
> I t
rtificate
> > #openssl req -new -x509 -key priv.pem -out stunnel.pem -days 1095"
> >
> > No problem. I put the two files in /etc/stunnel/.
> >
> > Then,
> > "combine priv.pem with stunnel.pem"
> >
> > What is meant by combine?
pe...@easthope.ca wrote:
> Hi,
>
> https://wiki.debian.org/Pan states,
>
> " ... to generate a RSA Private Key
> #openssl genrsa -out priv.pem
>
> Generate Certificate
> #openssl req -new -x509 -key priv.pem -out stunnel.pem -days 1095"
>
> No pr
.pem -days 1095"
>
> No problem. I put the two files in /etc/stunnel/.
>
> Then,
> "combine priv.pem with stunnel.pem"
>
> What is meant by combine? Is there a syntax to put the private and
> public keys in one file?
Something along the lines
openssl
Hi,
https://wiki.debian.org/Pan states,
" ... to generate a RSA Private Key
#openssl genrsa -out priv.pem
Generate Certificate
#openssl req -new -x509 -key priv.pem -out stunnel.pem -days 1095"
No problem. I put the two files in /etc/stunnel/.
Then,
"combine priv.pem with stu
In-reply-to:
References: <897c4593eca5f214cddd3d8af000c...@easthope.ca>
Jeffrey & all,
Thanks for the replies.
From: Jeffrey Walton
Date: Sun, 23 Apr 2023 21:50:50 -0400
how quickly did you restart the service?
Aiming to have the stunnel tunnel available after
On Sun, 23 Apr 2023 19:09:16 +0100, Darac Marjal
wrote:
> 1. stunnel hasn't been in Debian since etch (Debian 4.0).
>
> 2. stunnel4 comes with a service file template
> (https://sources.debian.org/src/stunnel4/3%3A5.68-2/debian/stunnel4%40.stunnel.service/),
>
> which
n't translate to running it automatically.
For running POP3 through the tunnel both of these are effective.
(1) As root give the command "stunnel".
(2) As root give the command "stunnel /etc/stunnel/stunnel.conf".
Until something better surfaces, this line in /home/root/.p
On Mon 24 Apr 2023 at 07:26:35 (-0700), pe...@easthope.ca wrote:
> From: Darac Marjal
> Date: Sun, 23 Apr 2023 19:09:16 +0100
> > 1. stunnel hasn't been in Debian since etch (Debian 4.0).
>
> Thanks for catching that.
>
> > 2. stunnel4 comes with a
In-reply-to: <0a2de6ba-15a9-0b01-50f1-b75ad750f...@darac.org.uk>
References: <897c4593eca5f214cddd3d8af000c...@easthope.ca>
<0a2de6ba-15a9-0b01-50f1-b75ad750f...@darac.org.uk>
From: Darac Marjal
Date: Sun, 23 Apr 2023 19:09:16 +0100
1. stunnel hasn't been in De
rter
> > > Documentation=man:stunnel(8)
> > > After=network.target auditd.service
> > >
> > > [Service]
> > > ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf foreground=yes
> >
> > I'm not sure about the forground option i
On Mon, Apr 24, 2023 at 08:45:16AM +0200, john doe wrote:
> On 4/23/23 18:41, pe...@easthope.ca wrote:
> > Hi,
> >
> > After starting interactively, stunnel works.
> >
> > To automate, this service file was created.
> >
> > $ cat /etc/systemd/syst
On 4/23/23 18:41, pe...@easthope.ca wrote:
Hi,
After starting interactively, stunnel works.
To automate, this service file was created.
$ cat /etc/systemd/system/stunnel.service
[Unit]
Description=StunnelStarter
Documentation=man:stunnel(8)
After=network.target auditd.service
[Service
On Sun, Apr 23, 2023 at 12:57 PM wrote:
>
> After starting interactively, stunnel works.
>
> To automate, this service file was created.
>
> $ cat /etc/systemd/system/stunnel.service
> [Unit]
> Description=StunnelStarter
> Documentation=man:stunnel(8)
> After
1. stunnel hasn't been in Debian since etch (Debian 4.0).
2. stunnel4 comes with a service file template
(https://sources.debian.org/src/stunnel4/3%3A5.68-2/debian/stunnel4%40.stunnel.service/),
which is likely to have been tested to work.
3. Could the warning about protecting your
Hi,
After starting interactively, stunnel works.
To automate, this service file was created.
$ cat /etc/systemd/system/stunnel.service
[Unit]
Description=StunnelStarter
Documentation=man:stunnel(8)
After=network.target auditd.service
[Service]
ExecStart=/usr/bin/stunnel /etc/stunnel
On Wed, Jul 17, 2019 at 02:32:28PM -0700, pe...@easthope.ca wrote:
> > stunnel(1) mentions helpfully that you're required to have a certain
> > netfilter setup (mainly involving DNAT in your case), ...
> > If you need to transform outbound HTTP requests to HTTP
pe...@easthope.ca wrote on 7/17/19 3:32 PM:
> Jul 16 11:25:16 joule stunnel: LOG5[4]: Service [https] accepted connection
> from 127.0.0.1:36140
>
> * From: Reco recovery...@enotuniq.net
> * Date: Wed, 17 Jul 2019 11:01:32 +0300
>> No, you're incorrect
Jul 16 11:25:16 joule stunnel: LOG5[4]: Service [https] accepted connection
from 127.0.0.1:36140
* From: Reco ... Peter E.
--
https://en.wikibooks.org/wiki/Oberon
Tel: +1 604 670 0140Bcc: peter at easthope. ca
Hi.
On Tue, Jul 16, 2019 at 11:48:55AM -0700, pe...@easthope.ca wrote:
> An attempt to open a page via HTTPS gives this report in the log.
> Jul 16 11:25:16 joule stunnel: LOG5[4]: Service [https] accepted connection
> from 127.0.0.1:36140
> Jul 16 11:25:16 joule stu
Hi,
stunnel is installed here with this configuration.
"server" has been substituted for the real name of course.
peter@joule:~$ cat /etc/stunnel/stunnel.conf
# joule:/etc/stunnel/stunnel.conf
[pop3]
client = yes
accept = localhost:110
connect = server:995
[https]
client =
Hi,
Peter E. wrote:
> accept = localhost:80
> connect = en.wikipedia.org:443
> ... Firefox continues to access http servers as if stunnel
> isn't present
I get a bit further with
accept = localhost:30080
connect = en.wikipedia.org:443
and in iceweasel as URL
http:
* From: "Thomas Schmitt" n.wikipedia.org:443
... Firefox continues to access http servers as if stunnel
isn't present and the http-only client freezes when a connection
is expected. I don't understand this case.
Anyone have any other ideas to offer?
Thanks again T
Hi,
Peter E. wrote:
> For example, a
> local elementary browser is not SSL capable but a connection to https
> is required.
> Can stunnel or something else do that?
I use stunnel for connecting my old POP3 client to a SSL POP3 server.
Config
Hello,
The stunnel manual states "stunnel can be used to add SSL
functionality to ... daemons ... ."
I'm interested in a complimentary case. The remote server has SSL
functionality. I want to add SSL for a local client. For example, a
local elementary browser is not SS
在 2009-12-26六的 19:14 -0500,Celejar写道:
> IIUC, stunnel can indeed do what you want:
Thank you very much. You are right. I underestimate the tool and didn't
go detail enough on it. Thanks a lot!
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of &quo
fic between both. That kind of daemon should solve my problem.
>
> However googling the Internet I only found stunnel, the software that
> does the opposite, listening on imaps port (e.g. of the server) and upon
> hearing a connection, connects to specific IMAP server (usually of
>
found stunnel, the software that
does the opposite, listening on imaps port (e.g. of the server) and upon
hearing a connection, connects to specific IMAP server (usually of
localhost) and forward the traffic between.
Is there a tool does de-stunnel thing? Thanks in advance.
Best.
--
To
I'm running into problems with stunnel4 configuration.
The underlying application works.
But I keep getting the same errors when I invoke SSL tunneling.
2007.10.08 21:49:54 LOG5[10064:47438519754832]: stunnel 4.18 on
x86_64-pc-linux-gnu with OpenSSL 0.9.8c 05 Sep 2006
2007.10.08 21:
Hi All,
Just wondered if it is possible to compress data across and stunnel. I've
setup a tunnel to an anonymizer service and it works great but wondered if
it might be possible to squeeze abit more data out of my ISDN line. Anyone
tried this at all?
Rus
--
To UNSUBSCRIBE, email to [
Is anyone using stunnel to provide https access to an http only product?
:wq!
---
Robert L. Harris| Micros~1 :
Senior System Engineer |For when quality, reliability
at RnD Consulting
I have look the man, but I can't see wowto make new certificates with
openssl. I need to know, howto get a certificate for "myhost.mydomain"
because the default one is for "stunnel" ther when I put a imap server
over a stunnel conexion, the netscape din't stop on
In the /usr/doc/stunnel/examples there is an example for use stunnel
with some services.
is it the correct way to use with debian?
Thank you for all
Angel
hi all,
I've been trying to get courier-imap to work under ssl and have all
the relevant openssl and stunnel programs installed, but can't for
the life of me work out what's wrong.
I've edited the /etc/init.d/courier-imap so that it launches the
ssl version of courier, and a
> if it is unsigned i think so. signed certs i think only have to match
> the domain.
but where is the domain listed if not in the the common name of the cert?
> instead of "fixing" your ssl cert look into ditching outlook or fixing
> outlook.
i don't want to do that. i use fetchmail (haven't
Adam Shand wrote:
> so i assume the problem is that the cn of the cert doesn't equal
> maus.spack.org. is this the standard for host certificates that the
> common name attribute should equal the hostname?
if it is unsigned i think so. signed certs i think only have to match
the domain.
instead
i have stunnel installed and working to provide imap over ssl support but
the certificate it creates seems not to match my hostname. when i run
fetchmail i get a warning (which is okay) but outlook won't connect at all
because of the mismatch.
it looks like the problem is with the cn attr
I need halp with the stunnel deb package
i want to create a new stunnel.pem file
i manage to creat the RSA and the CERTIFICATE part
but i cant find how to create the dh parametres.
Any help will be great. Thanks.
I'm trying to use stunnel to tunnel swat over SSL.
Insert service name (https,spop3,ssmtp,snews,ssl-ldap,simap): swat
Insert program name: /usr/sbin/swat
Using existing certificate: /usr/lib/ssl/certs/swat.pem.
I will add the following entry to /etc/inetd.conf:
swat stream tcp nowait
45 matches
Mail list logo
