rejetto forum

How about SSL support


SilentPliz
If everything is configured properly, you will see the Stunnel log when a user logs on to your server.
The .Last file is a good sign.  ;)

To be continued...


SilentPliz
 ???
Do you not have a stunnel.log file in your HFS folder?


SilentPliz
- In the stunnel.conf file in the folder of stunnel.exe, specify the path of the HFS folder where the stunnel.log file will be created.
(Debug = 6 gives a correct result)

; Some debugging stuff useful for troubleshooting
debug = 6
output = C:\path\of\hfs folder\stunnel.log


Ranger
- In the stunnel.conf file in the folder of stunnel.exe, specify the path of the HFS folder where the stunnel.log file will be created.
(Debug = 6 gives a correct result)

; Some debugging stuff useful for troubleshooting
debug = 6
output = C:\path\of\hfs folder\stunnel.log


Yup added exactly that.

Code:
; Some debugging stuff useful for troubleshooting
debug = 6
output = C:\Program Files\HFS\stunnel.log


SilentPliz
Test to see if the stunnel.log is really created in the stunnel folder, or elsewhere on your hard drive.
« Last Edit: February 21, 2009, 05:00:30 AM by SilentPliz »


Ranger
Test to see if the stunnel.log is really created in the stunnel folder, or elsewhere on your hard drive.

Yea, stunnel.log exists in the Stunnel folder.


SilentPliz
So something is misconfigured in your stunnel.conf.

The stunnel.log file should be created in the folder of hfs.exe.

stunnel.conf, e.g.:

cert = stunnel.pem
key = stunnel.pem

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

compression = zlib

options = ALL
options = NO_SSLv2

debug = 6
output = C:\HFS\stunnel.log

[https]
accept = 0.0.0.0:58620
connect = 127.0.0.1:44300
local = 192.168.1.3
TIMEOUTclose = 0
« Last Edit: February 23, 2009, 04:15:35 PM by SilentPliz »


Ranger
Ah got it now, I put a ; in front of the original debug but not the old path. I just overwrote it with the new path.

Thanks for all the help.


SilentPliz
J'y vais tout de suite. zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz


jaron840
Hello, I need major help.. I hate asking so I spent 2 days to no avail lol.. router port https: 443.. HFS domain name and have it looking for port 80.. I read everything I could about this :(.. the other guy had proxy issues, I don't.. Firefox and IE = no proxy.. I have to put "client = yes" in my conf.file or it will bring up an error on SSL accept.. HFS Ban List = \127.0.0.1;192.168.2.*.. here it is.. oh and everything works without stunnel until I changed the ports for stunnel.

2009.03.15 04:07:02 LOG6[3316:4076]: Compression enabled using zlib method
2009.03.15 04:07:02 LOG7[3316:4076]: RAND_status claims sufficient entropy for the PRNG
2009.03.15 04:07:02 LOG7[3316:4076]: PRNG seeded successfully
2009.03.15 04:07:02 LOG7[3316:4076]: Configuration SSL options: 0x01000FFF
2009.03.15 04:07:02 LOG7[3316:4076]: SSL options set: 0x01000FFF
2009.03.15 04:07:02 LOG7[3316:4076]: Certificate: stunnel.pem
2009.03.15 04:07:02 LOG7[3316:4076]: Certificate loaded
2009.03.15 04:07:02 LOG7[3316:4076]: Key file: stunnel.pem
2009.03.15 04:07:02 LOG7[3316:4076]: Private key loaded
2009.03.15 04:07:02 LOG7[3316:4076]: SSL context initialized for service https
2009.03.15 04:07:02 LOG5[3316:4076]: stunnel 4.26 on x86-pc-mingw32-gnu with OpenSSL 0.9.8i 15 Sep 2008
2009.03.15 04:07:02 LOG5[3316:4076]: Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6
2009.03.15 04:07:02 LOG5[3316:4092]: No limit detected for the number of clients
2009.03.15 04:07:02 LOG7[3316:4092]: FD 204 in non-blocking mode
2009.03.15 04:07:02 LOG7[3316:4092]: SO_REUSEADDR option set on accept socket
2009.03.15 04:07:02 LOG7[3316:4092]: https bound to 0.0.0.0:443
2009.03.15 04:08:12 LOG7[3316:4092]: https accepted FD=236 from 74.196.173.16:4757
2009.03.15 04:08:12 LOG7[3316:4092]: Creating a new thread
2009.03.15 04:08:12 LOG7[3316:4092]: New thread created
2009.03.15 04:08:12 LOG7[3316:3748]: https started
2009.03.15 04:08:12 LOG7[3316:3748]: FD 236 in non-blocking mode
2009.03.15 04:08:12 LOG7[3316:3748]: TCP_NODELAY option set on local socket
2009.03.15 04:08:12 LOG5[3316:3748]: https accepted connection from 74.196.173.16:4757
2009.03.15 04:08:12 LOG7[3316:3748]: FD 268 in non-blocking mode
2009.03.15 04:08:12 LOG7[3316:3748]: https connecting 127.0.0.1:80
2009.03.15 04:08:12 LOG7[3316:3748]: connect_wait: waiting 10 seconds
2009.03.15 04:08:12 LOG7[3316:3748]: connect_wait: connected
2009.03.15 04:08:12 LOG5[3316:3748]: https connected remote server from 192.168.2.76:4758
2009.03.15 04:08:12 LOG7[3316:3748]: Remote FD=268 initialized
2009.03.15 04:08:12 LOG7[3316:3748]: TCP_NODELAY option set on remote socket
2009.03.15 04:08:12 LOG7[3316:3748]: SSL state (connect): before/connect initialization
2009.03.15 04:08:12 LOG7[3316:3748]: SSL state (connect): SSLv3 write client hello A
2009.03.15 04:08:12 LOG3[3316:3748]: SSL_connect: Peer suddenly disconnected
2009.03.15 04:08:12 LOG5[3316:3748]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2009.03.15 04:08:12 LOG7[3316:3748]: https finished (0 left)

-----------------------------------------------------------------------------------------------------------

cert = stunnel.pem
key = stunnel.pem

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

compression = zlib

options = ALL
options = NO_SSLv2

debug = 7
output = stunnel.log

client = yes

[https]
accept = 0.0.0.0:443
connect = 127.0.0.1:80
local = 192.168.2.76
TIMEOUTclose = 0
« Last Edit: March 15, 2009, 08:31:11 PM by jaron840 »
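Added example (not part of the original posts, not stunnel's own code): a small Python check that reads a log in the format posted above and reports which side of the tunnel stunnel performed the TLS handshake on. With `client = yes`, stunnel starts the handshake toward the `connect` address, which is what the `SSL state (connect)` lines toward 127.0.0.1:80 show. The sample log is constructed from the message types in the post, with a documentation IP address substituted; the function names are assumptions of this example.

```python
import re

# Constructed sample in the stunnel 4.x log format shown in the post above.
SAMPLE_LOG = """\
2009.03.15 04:07:02 LOG7[3316:4092]: https bound to 0.0.0.0:443
2009.03.15 04:08:12 LOG5[3316:3748]: https accepted connection from 198.51.100.7:4757
2009.03.15 04:08:12 LOG7[3316:3748]: https connecting 127.0.0.1:80
2009.03.15 04:08:12 LOG7[3316:3748]: SSL state (connect): SSLv3 write client hello A
2009.03.15 04:08:12 LOG3[3316:3748]: SSL_connect: Peer suddenly disconnected
2009.03.15 04:08:12 LOG5[3316:3748]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
"""

# timestamp, LOG<level>[pid:thread]: message
LINE = re.compile(r"^(\S+ \S+) LOG(\d)\[(\d+):(\d+)\]: (.*)$")

def parse(log_text):
    """Yield (level, thread_id, message) for every well-formed log line."""
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield int(m.group(2)), m.group(4), m.group(5)

def diagnose(log_text):
    """Report threads where stunnel acted as the TLS client toward its backend."""
    threads = {}
    for level, tid, msg in parse(log_text):
        threads.setdefault(tid, []).append((level, msg))
    findings = []
    for tid, entries in threads.items():
        msgs = [m for _, m in entries]
        # "<service> connecting <host:port>" names the backend stunnel dials.
        backend = next((m.split()[-1] for m in msgs if " connecting " in m), None)
        # "SSL state (connect)" means stunnel sent the client hello itself.
        client_side = any(m.startswith("SSL state (connect)") for m in msgs)
        # Level 3 (error) SSL_connect lines mark a failed outbound handshake.
        failed = any(lvl <= 3 and m.startswith("SSL_connect") for lvl, m in entries)
        if client_side:
            findings.append({"thread": tid, "backend": backend,
                             "tls_role": "client", "handshake_failed": failed})
    return findings

if __name__ == "__main__":
    for f in diagnose(SAMPLE_LOG):
        print(f)
```

A finding with `tls_role` of `client` and a plain HTTP backend such as 127.0.0.1:80 means the browser-facing side on port 443 is not being served TLS by stunnel.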


jaron840
Also, when I try to access stunnel in IE it doesn't register.. just says page can't be displayed.. and in Firefox it reaches stunnel and HFS receives the connection for like a split second.. can see it on the HFS server.. but then disconnects.. anyone have any idea?


jaron840
Woot, got it working, if anyone else has this problem.. it is because the server you created doesn't have an authorized SSL certification.. and you have to pay big bucks for them.. Firefox wasn't even giving me info that said it was because of this.. I finally went crazy in the Firefox config options... firefox -> tools -> options -> advanced -> server.. add your site to Firefox.. downside: you have to do this on most of the computers you access the server from.. some older browsers might ask you to confirm but I didn't want an older browser