21 Stunnel

Stunnel is an SSL library that enables users to secure (encrypt) otherwise insecure sessions.

Sample client server configuration

Following are the steps for setting up client and server:

1. Create the Stunnel client config file /usr/internet/stunnel/etc/stunnel/client.conf. A sample client config file is as follows:

    cert = /usr/internet/openssl/bin/cacert.pem
    key = /usr/internet/openssl/bin/privkey.pem
    #Use in client mode
    client = yes
    pid = /client-stunnel.pid
    #setuid = nobody
    #setgid = other
    debug = 7
    output = /client-stunnel.log
    socket = l:TCP_NODELAY=1
    socket = r:TCP_NODELAY=1
    #Authentication stuff
    #verify = 1
    #foreground = yes
    [ telnet ]
    accept = 8060
    connect = servermachine:8050

NOTE:

The cert and key paths should be the same as the location where the cert and key are created.

accept should be the server machine name

2. Create a certificate and key on both the client and server machines as follows:

    cd /usr/internet/openssl/bin
    openssl genrsa -des3 -out privkey.pem 2048
    openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

3. To start stunnel on the server, execute:

    /usr/internet/stunnel/bin/stunnel /usr/internet/stunnel/bin/server.conf

To check the status, type:

    ps -ef | grep stunnel

4. To start stunnel on the client, execute:

    /usr/internet/stunnel/bin/stunnel /usr/internet/stunnel/bin/client.conf

To check the status, type:

    ps -ef | grep stunnel
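
The sample client.conf above leaves verify, setuid and setgid commented out and logs at debug = 7, so the tunnel encrypts traffic but does not insist on a valid peer certificate. As an added example (not part of the HP manual or of stunnel itself), the following Python code parses a stunnel configuration and reports those settings; the function names and the CAfile/CApath check are assumptions of this example.

```python
# Added example: audit a stunnel config for the weak settings in the sample.
SAMPLE_CLIENT_CONF = """\
cert = /usr/internet/openssl/bin/cacert.pem
key = /usr/internet/openssl/bin/privkey.pem
client = yes
#setuid = nobody
#setgid = other
debug = 7
#verify = 1
[ telnet ]
accept = 8060
connect = servermachine:8050
"""  # trimmed copy of the page's sample client config

def parse_conf(text):
    """Return {section: {option: [values]}}; global options live under ''."""
    conf, section = {"": {}}, ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # commented-out options are inactive
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
            conf.setdefault(section, {})
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            conf[section].setdefault(key, []).append(value)
    return conf

def audit(text):
    """Return a list of findings for one stunnel configuration file."""
    conf = parse_conf(text)
    glob, findings = conf[""], []
    for name, opts in conf.items():
        if not name:
            continue
        def opt(key):  # a service-level value overrides the global one
            return (opts.get(key) or glob.get(key) or [None])[-1]
        level = opt("verify")
        if level is None or not level.isdigit() or int(level) < 2:
            findings.append(f"[{name}] verify={level}: a valid peer certificate is not enforced")
        elif not (opt("CAfile") or opt("CApath")):
            findings.append(f"[{name}] verify={level} but no CAfile/CApath to check against")
    if "setuid" not in glob or "setgid" not in glob:
        findings.append("setuid/setgid unset: stunnel keeps the privileges it was started with")
    if glob.get("debug", ["5"])[-1].split(".")[-1] == "7":
        findings.append("debug = 7 logs at debug level; lower it outside troubleshooting")
    return findings
```

Running audit(SAMPLE_CLIENT_CONF) returns three findings: peer verification is off for the telnet service, setuid/setgid are unset, and logging is at debug level.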

HP UX Internet Express Software manual Stunnel, Sample client server configuration