Les Partages de Memiks
Tag cloud
Picture wall
Daily
Daily Weekly Monthly

Daily Shaarli

All links of one day in a single page.

Previous day
Next day

November 22, 2018

imaps with stunnel and multiple virtual hosts/certificates - Scalix Forums

pid = /var/run/stunnel/stunnel.pid

;change to debug = 4 after verification!
debug = 7
output = /var/log/stunnel/stunnel.log

[pop3s]
cert = /etc/httpd/keys/my-domain.com/ssl_gnutls.crt
key = /etc/httpd/keys/my-domain.com/server.key
accept = 995
connect = 110

[sni1]
sni = pop3s:my-domain.com
cert = /etc/httpd/keys/my-domain.com/ssl_gnutls.crt
key = /etc/httpd/keys/my-domain.com/server.key
connect = 110

[sni2]
sni = pop3s:another-domain.de
cert = /etc/httpd/keys/another-domain.de/ssl_gnutls.crt
key = /etc/httpd/keys/another-domain.de/server.key
connect = 110

[sni3]
sni = pop3s:another-domain.eu
cert = /etc/httpd/keys/another-domain.eu/ssl_gnutls.crt
key = /etc/httpd/keys/another-domain.eu/server.key
connect = 110

[imaps]
cert = /etc/httpd/keys/my-domain.com/ssl_gnutls.crt
key = /etc/httpd/keys/my-domain.com/server.key
accept = 993
connect = 143

[sni4]
sni = imaps:my-domain.com
cert = /etc/httpd/keys/my-domain.com/ssl_gnutls.crt
key = /etc/httpd/keys/my-domain.com/server.key
connect = 143

[sni5]
sni = imaps:another-domain.de
cert = /etc/httpd/keys/another-domain.de/ssl_gnutls.crt
key = /etc/httpd/keys/another-domain.de/server.key
connect = 143

[sni6]
sni = imaps:another-domain.eu
cert = /etc/httpd/keys/another-domain.eu/ssl_gnutls.crt
key = /etc/httpd/keys/another-domain.eu/server.key
connect = 143

[ssmtp]
cert = /etc/httpd/keys/my-domain.com/ssl_gnutls.crt
key = /etc/httpd/keys/my-domain.com/server.key
accept = 465
connect = localhost:587

[sni7]
sni = ssmtp:my-domain.com
cert = /etc/httpd/keys/my-domain.com/ssl_gnutls.crt
key = /etc/httpd/keys/my-domain.com/server.key
connect = localhost:587

[sni8]
sni = ssmtp:another-domain.de
cert = /etc/httpd/keys/another-domain.de/ssl_gnutls.crt
key = /etc/httpd/keys/another-domain.de/server.key
connect = localhost:587

[sni9]
sni = ssmtp:another-domain.eu
cert = /etc/httpd/keys/another-domain.eu/ssl_gnutls.crt
key = /etc/httpd/keys/another-domain.eu/server.key
connect = localhost:587

[uals]
cert = /etc/httpd/keys/my-domain.com/ssl_gnutls.crt
key = /etc/httpd/keys/my-domain.com/server.key
accept = 5767
connect = 5729

20:11
stunnel, pop3s, etc..
Tunnel SSH Connections Over SSL Using 'Stunnel' On Debian 7 / Ubuntu 13.10 | Unixmen

pid = /var/run/stunnel.pid
cert = /etc/stunnel/stunnel.pem
[ssh]
accept = 192.168.1.200:443
connect = 127.0.0.1:22

20:11
stunnel, ssh
Imaps avec stunnel - ajouter le ssl au serveur imap port 993 de votre serveur email

;Certificat/cle
cert = /usr/local/etc/stunnel/imaps.pem

;Version du protocole (all, SSLv2, SSLv3, TLSv1)
sslVersion = all

;Pour des question de securité on fait tourner stunnel dans un chroot (en prison)
chroot = /usr/local/var/lib/stunnel/
setuid = nobody
setgid = nobody
;fichier pid créé dans le chroot
pid = /stunnel.pid
;On optimise un peu les perfs
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;on veut des logs qui parlent !
debug = 7
;sortie dans le chroot
output = stunnel_imaps.log

[imaps]
accept = 993
connect = 143

[ssmtp]
accept = 465
connect = 25
;et oui! ça fonctionne aussi pour le ssmtp, pour cela vous devrez ouvrir le port 465 dans votre firewall

20:10
stunnel, imaps, smtps