blob: 4bc301d4793012854d5120d88bfe5c9fd7750d46 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
# Sample stunnel configuration file by Michal Trojnara 2002-2005
# Some options used here may not be adequate for your particular configuration
# Please make sure you understand them (especially the effect of chroot jail)
# Certificate/key is needed in server mode and optional in client mode
# cert = /etc/stunnel/stunnel.pem
# key = /etc/stunnel/stunnel.pem
# Some security enhancements for UNIX systems - comment them out on Win32
# chroot = /chroot/stunnel/
setuid = stunnel
setgid = stunnel
# PID is created inside chroot jail
pid = /run/stunnel/stunnel.pid
# Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
#compression = rle
# Workaround for Eudora bug
#options = DONT_INSERT_EMPTY_FRAGMENTS
# Authentication stuff
#verify = 2
# Don't forget to c_rehash CApath
# CApath is located inside chroot jail:
#CApath = /certs
# It's often easier to use CAfile:
#CAfile = /etc/stunnel/certs.pem
# Don't forget to c_rehash CRLpath
# CRLpath is located inside chroot jail:
#CRLpath = /crls
# Alternatively you can use CRLfile:
#CRLfile = /etc/stunnel/crls.pem
# Some debugging stuff useful for troubleshooting
#debug = 7
#output = stunnel.log
# Use it for client mode
client = yes
# Service-level configuration
#[pop3s]
#accept = 995
#connect = 110
#[imaps]
#accept = 993
#connect = 143
#[ssmtp]
#accept = 465
#connect = 25
#[https]
#accept = 443
#connect = 80
#TIMEOUTclose = 0
|