Author Topic: HFS including SSl tools  (Read 98381 times)

0 Members and 1 Guest are viewing this topic.

Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
  • Posts: 1233
  • ....... chut ! shh!
    • View Profile
Re: HFS including SSl tools
« Reply #225 on: April 09, 2019, 03:40:37 PM »
9-04-2019     HFS 2.3m #300 r4 is online.

NEW:
Stunnel 5.51 64 bits
Better compatibility with resolutions lower than 1024*768
-  New "yellow button" near the language settings ... this replaces all the language files with those included in HFS.
   Usefull for update translations files.
More logical management of languages ​​and translation files..

HFS 2.3m #300 r4 :

http://silentpliz.free.fr/hfs/hfs.2.3m_300_r4.exe

http://silentpliz.free.fr/hfs/Sources_hfs/HFS2.3m300_r4.zip

I removed the Russian language: too many strings are not translated.
If you want completed yourself this translation for this language, use the release of this topic:

http://rejetto.com/forum/index.php?topic=13134.0
« Last Edit: August 18, 2019, 12:52:21 PM by SilentPliz »

Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
  • Posts: 1233
  • ....... chut ! shh!
    • View Profile
Re: HFS including SSl tools
« Reply #226 on: April 12, 2019, 09:32:41 AM »
12-04-2019     HFS 2.3m #300 r5 is online.

NEW:
Stunnel 5.53 64 bits


HFS 2.3m #300 r5 :

Updated 30-04-2019

http://silentpliz.free.fr/hfs/hfs.2.3m_300_r5.exe

http://silentpliz.free.fr/hfs/Sources_hfs/HFS2.3m300_r5.zip

I removed the Russian language: too many strings are not translated.
If you want completed yourself this translation for this language, use the release of this topic:

http://rejetto.com/forum/index.php?topic=13134.0
« Last Edit: August 18, 2019, 12:52:59 PM by SilentPliz »

Offline Grovkillen

  • Occasional poster
  • *
  • Posts: 1
    • View Profile
Re: HFS including SSl tools
« Reply #227 on: April 20, 2019, 08:31:57 AM »
Just for info. I use NGINX to relay the SSL. NGINX is the reversed proxy which can handle all the incoming requests + add SSL encryption to the communication. I can then have multiple HFS servers behind that one.

Follow members gave a thank to your post:


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
  • Posts: 1233
  • ....... chut ! shh!
    • View Profile
Re: HFS including SSl tools
« Reply #228 on: April 20, 2019, 03:53:39 PM »
Just for info. I use NGINX to relay the SSL. NGINX is the reversed proxy which can handle all the incoming requests + add SSL encryption to the communication. I can then have multiple HFS servers behind that one.


Welcome Grovkillen,  :)

Thank you for the information.
I knew NGINX.

The 'but' it was, for me, to released a version of HFS including Stunnel, and allowing a relatively easy implementation of 'TLS' for HFS users.

Stunnel does one thing, and he does it very well.
It is used by many HFS users.
There are many posts on the forum about its configuration ...
It's my contribution for try to answer some of these questions more simply.

You can use multiple instances of HFS behind a single instance of stunnel, for example, you need to have multiple sections [https] [https1] [https2] ... etc in stunnel.conf

NGINX is certainly a good software, but it is not adapted to be integrated with the executable of HFS, as I did here.

You can nevertheless make a post, to explain the use and configuration of NGINX with HFS ... I am sure that many users would be interested in using this program with HFS.

 :)

Offline howi42

  • Occasional poster
  • *
  • Posts: 8
    • View Profile
Re: HFS including SSl tools
« Reply #229 on: May 09, 2019, 07:08:00 AM »
Yes, I certainly need the nginx config for that, too.
I tried it through stunnel, but it does not work reliable.
I did got it to work once, but then it stopped and I was never able to get it to run again through stunnel.

The standard proxy config in nginx does not seem to work for hfs.

The requests reach hfs behind the proxy, but then it times out.

Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
  • Posts: 1233
  • ....... chut ! shh!
    • View Profile
Re: HFS including SSl tools
« Reply #230 on: May 16, 2019, 01:09:33 PM »
16-05-2019     HFS 2.3m #300 r6 is online.

NEW:
Stunnel 5.54 64 bits

HFS 2.3m #300 r6 :

http://silentpliz.free.fr/hfs/hfs.2.3m_300_r6.exe

http://silentpliz.free.fr/hfs/Sources_hfs/HFS2.3m300_r6.zip


I removed the Russian language: too many strings are not translated.
If you want completed yourself this translation for this language, use the release of this topic:

http://rejetto.com/forum/index.php?topic=13134.0
« Last Edit: August 18, 2019, 12:54:11 PM by SilentPliz »

Follow members gave a thank to your post:


Offline jejehamers

  • Occasional poster
  • *
  • Posts: 1
  • Tssss, this doesn't work => try again harder ;)
    • View Profile
Re: HFS including SSl tools
« Reply #231 on: May 22, 2019, 09:05:09 PM »
Hi everyone..

New to the world of hfs and stunnel :)

I'm trying to make the things work together  :-\ ...

First : thanks to SilentPilz for his releases, they rocks ;)

My HFS is running fine in http mode, but when it comes to stunnels it's a bit more difficult : i've got a problem in making the stunnel server run : (error 140DC002 - something with missing certificate) after a bit of research, it seem that the hfs configurator does not create a certificate file (the only file present in the ssl folder is the private key one). Is there something I do wrong ?

Sorry if i'm not in the right place, but thank you in advance..

Jerome

EDIT :

I think i found something : with no modifications in the certificate creating fields (except for "Common name or external IP"), i have now 2 files (key and certificate). It means that some of my inputs cause it to not create the certificat ;) ..

Okay, let's smile a litte => now another error on Stunnel :)

"[.] Binding service [https] to 0.0.0.0:443: Address already in use (WSAEADDRINUSE) (10048)
[!] Binding service [https] failed"

Is it possible to have a complete example of a successfull launch of the stunnel server ?

Thanks  ;D ;D ;D

EDIT BIS :

Haha, I definitely hope that my story will help someone who's experiencing the same problems ;)

In fact I'm trying to run the hfs on a windows based "server" (Win 10 Pro, not server). And guess what : the server is running a vpn utility, who is meant to create a vpn over http  :o :o

So, I need to change the ports O:)
« Last Edit: May 22, 2019, 10:38:53 PM by jejehamers »

Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
  • Posts: 1233
  • ....... chut ! shh!
    • View Profile
Re: HFS including SSl tools
« Reply #232 on: May 23, 2019, 03:08:32 PM »
Welcome jerome, :)

Sorry for the delay; I saw your post last night, but I only had access to my smartphone ... it was not practical to try to help you.

If I followed your "story" :) you finally managed to solve the problem yourself. Good new.

I saw in your profile that you are belgian.
I'm french.
If you are francophone, there is a french section on the forum here:

http://rejetto.com/forum/index.php?board=40.0

See you soon ! :)

.
« Last Edit: May 23, 2019, 07:04:20 PM by SilentPliz »

Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
  • Posts: 1233
  • ....... chut ! shh!
    • View Profile
Re: HFS including SSl tools
« Reply #233 on: June 14, 2019, 10:58:21 AM »
14-06-2019     HFS 2.3m #300 r7 is online.

NEW:
Stunnel 5.55 64 bits


HFS 2.3m #300 r7:

http://silentpliz.free.fr/hfs/hfs.2.3m_300_r7.exe

Sources:

http://silentpliz.free.fr/hfs/Sources_hfs/HFS2.3m300_r7.zip


I removed the Russian language: too many strings are not translated.
If you want completed yourself this translation for this language, use the release of this topic:

http://rejetto.com/forum/index.php?topic=13134.0
« Last Edit: August 18, 2019, 12:54:52 PM by SilentPliz »

Offline WalkMan465

  • Occasional poster
  • *
  • Posts: 4
    • View Profile
Re: HFS including SSl tools
« Reply #234 on: July 16, 2019, 12:23:02 PM »
Hi all! sorry in advance for my English  :) I have a problem with setting hfs + stunnel. First i install hfs and stunnel separately, but stunnel wasnt launch with error "invalid configuration file", I setting up programs with other posts and messages on this forum. Next. I donwloaded this assembly program, but after press "build set and start stunnel" screen appears the next error

Author this assembly - big respect, this program has no analogues, but i dont understand french lang in comments and some places of the program. is it possible to write only in English?))) And Russian language, i can help you with translate program on rus lang. Im native rus speaker)

and my log stunnel

[ ] Running on Windows 6.2
[ ] No limit detected for the number of clients
[.] stunnel 5.55 on x64-pc-mingw32-gnu platform
[.] Compiled/running with OpenSSL 1.1.1c  28 May 2019
[.] Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,OCSP,PSK,SNI
[ ] errno: (*_errno())
[ ] GUI message loop initialized
[ ] Running on Windows 6.2
[.] Reading configuration from file stunnel.conf
[.] UTF-8 byte order mark not detected
[ ] Compression disabled
[ ] No PRNG seeding was required
[ ] Initializing service [https]
[ ] Ciphers: ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:AES128-GCM-SHA256
[ ] TLSv1.3 ciphersuites: TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
[ ] TLS options: 0x02100004 (+0x02000000, -0x00000000)
[ ] Loading certificate from file: .\SslCerts\Certificat.pem
[ ] Certificate loaded from file: .\SslCerts\Certificat.pem
[ ] Loading private key from file: .\SslCerts\Clef privee.pem
[ ] Private key loaded from file: .\SslCerts\Clef privee.pem
[ ] Private key check succeeded
[ ] DH initialization needed for DHE-DSS-AES256-GCM-SHA384
[ ] DH initialization
[ ] Could not load DH parameters from .\SslCerts\Certificat.pem
[ ] Using dynamic DH parameters
[ ] ECDH initialization
[ ] ECDH initialized with curves prime256v1
[.] Configuration successful
[ ] Binding service [https]
[ ] Listening file descriptor created (FD=152)
[ ] Setting accept socket options (FD=152)
[ ] Option SO_EXCLUSIVEADDRUSE set on accept socket
[.] Binding service [https] to 0.0.0.0:443: Address already in use (WSAEADDRINUSE) (10048)
[!] Binding service [https] failed
[ ] Deallocating section defaults
[ ] Unbinding service [https]
[ ] Service [https] closed
[ ] Deallocating section [https]

[!] Server is down

thank you  :)
« Last Edit: July 16, 2019, 12:31:47 PM by WalkMan465 »

Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
  • Posts: 1233
  • ....... chut ! shh!
    • View Profile
Re: HFS including SSl tools
« Reply #235 on: July 16, 2019, 01:26:31 PM »
Welcome Walkman  :D on this forum,  :)

Try to change port 443 to another port (tcp).
Open it on the internet in your box / router
Then restart a new configuration.
The 443 seems already used on your machine.

To translate HFS into Russian language, you can consult the following links:

http://rejetto.com/forum/index.php?topic=13134.0

http://rejetto.com/forum/index.php?topic=13150.0
« Last Edit: July 16, 2019, 01:30:12 PM by SilentPliz »

Offline WalkMan465

  • Occasional poster
  • *
  • Posts: 4
    • View Profile
Re: HFS including SSl tools
« Reply #236 on: July 16, 2019, 02:15:38 PM »
i forgot say - my system is windows 10. Port in my settings 84. I try copy and launch program with my settins on virtual win xp. Its ok. stunnel working. In my win10 not(
« Last Edit: July 16, 2019, 02:23:27 PM by WalkMan465 »

Offline bmartino1

  • Tireless poster
  • ****
  • Posts: 861
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
Re: HFS including SSl tools
« Reply #237 on: July 16, 2019, 04:31:25 PM »
i forgot say - my system is windows 10. Port in my settings 84. I try copy and launch program with my settins on virtual win xp. Its ok. stunnel working. In my win10 not(

stunnel errored die to port 443 in use. 0rograms such as slype and teamvoew need a settong chges

Binding service [https] to 0.0.0.0:443: Address already in use (WSAEADDRINUSE) (10048)

this is why it failed

https://answers.microsoft.com/en-us/skype/forum/all/how-do-i-stop-skype-from-using-port-80-and-443-for/fa980ca8-f732-416b-927d-1b854a850820
I'm only trying to help i mean no offense.
thank you for your time and patience,
Bmartino1

Offline WalkMan465

  • Occasional poster
  • *
  • Posts: 4
    • View Profile
Re: HFS including SSl tools
« Reply #238 on: July 16, 2019, 04:51:30 PM »
Yeah!  8) the truth was somewhere near. How could I not notice  :o

Thanks guys  ;D

But, one question. Its normal? Image attached)
« Last Edit: July 16, 2019, 04:53:34 PM by WalkMan465 »

Offline bmartino1

  • Tireless poster
  • ****
  • Posts: 861
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
Re: HFS including SSl tools
« Reply #239 on: July 16, 2019, 06:38:02 PM »
yes that is normal

that is due to public generate ssl certificate and a issue on the web to sign your certificate. you have to pay a company to sign a certificate ssl key for use in stunnel to remove that message.

https://www.sslshopper.com/ssl-checker.html

https://serverfault.com/questions/177971/how-to-trust-my-own-self-signed-ssl-cert

the fact that you hot the https error cert tell me stunnel is configured properly and working.




I'm only trying to help i mean no offense.
thank you for your time and patience,
Bmartino1