First off, let me say thanks for this great forum! I have done a lot of reading and searching for answers to using HFS, and have been trying for a couple of weeks now attempting to get STunnel to work with HFS. I have followed to the letter the instructions by GeeS, and am having fits trying to get it to work. When I attempt to connect to my server via port 443, I get the page with the server certificate, and after I click on that, I get a IE 'Page cannot be displayed'.
Here is a log of Stunnel when doing this...
2007.05.21 10:05:09 LOG6[3680:3044]: Compression enabled using zlib method
2007.05.21 10:05:09 LOG7[3680:3044]: Snagged 64 random bytes from C:/.rnd
2007.05.21 10:05:09 LOG7[3680:3044]: Wrote 1024 new random bytes to C:/.rnd
2007.05.21 10:05:09 LOG7[3680:3044]: RAND_status claims sufficient entropy for the PRNG
2007.05.21 10:05:09 LOG7[3680:3044]: PRNG seeded successfully
2007.05.21 10:05:09 LOG7[3680:3044]: Configuration SSL options: 0x01000FFF
2007.05.21 10:05:09 LOG7[3680:3044]: SSL options set: 0x01000FFF
2007.05.21 10:05:09 LOG7[3680:3044]: Certificate: stunnel.pem
2007.05.21 10:05:09 LOG7[3680:3044]: Certificate loaded
2007.05.21 10:05:09 LOG7[3680:3044]: Key file: stunnel.pem
2007.05.21 10:05:09 LOG7[3680:3044]: Private key loaded
2007.05.21 10:05:09 LOG7[3680:3044]: SSL context initialized for service https
2007.05.21 10:05:09 LOG5[3680:3044]: stunnel 4.20 on x86-pc-mingw32-gnu with OpenSSL 0.9.8d 28 Sep 2006
2007.05.21 10:05:09 LOG5[3680:3044]: Threading:WIN32 SSL:ENGINE Sockets:SELECT,IPv6
2007.05.21 10:05:09 LOG5[3680:3980]: No limit detected for the number of clients
2007.05.21 10:05:09 LOG7[3680:3980]: FD 188 in non-blocking mode
2007.05.21 10:05:09 LOG7[3680:3980]: SO_REUSEADDR option set on accept socket
2007.05.21 10:05:09 LOG7[3680:3980]: https bound to 0.0.0.0:443
2007.05.21 10:05:47 LOG7[3680:3980]: https accepted FD=232 from 192.168.1.1:1492
2007.05.21 10:05:47 LOG7[3680:3980]: Creating a new thread
2007.05.21 10:05:47 LOG7[3680:3980]: New thread created
2007.05.21 10:05:47 LOG7[3680:2936]: https started
2007.05.21 10:05:47 LOG7[3680:2936]: FD 232 in non-blocking mode
2007.05.21 10:05:47 LOG7[3680:2936]: TCP_NODELAY option set on local socket
2007.05.21 10:05:47 LOG5[3680:2936]: https accepted connection from 192.168.1.1:1492
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): before/accept initialization
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 read client hello A
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 write server hello A
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 write certificate A
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 write server done A
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 flush data
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 read client key exchange A
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 read finished A
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 write change cipher spec A
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 write finished A
2007.05.21 10:05:47 LOG7[3680:2936]: SSL state (accept): SSLv3 flush data
2007.05.21 10:05:47 LOG7[3680:2936]: 1 items in the session cache
2007.05.21 10:05:47 LOG7[3680:2936]: 0 client connects (SSL_connect())
2007.05.21 10:05:47 LOG7[3680:2936]: 0 client connects that finished
2007.05.21 10:05:47 LOG7[3680:2936]: 0 client renegotiations requested
2007.05.21 10:05:47 LOG7[3680:2936]: 1 server connects (SSL_accept())
2007.05.21 10:05:47 LOG7[3680:2936]: 1 server connects that finished
2007.05.21 10:05:47 LOG7[3680:2936]: 0 server renegotiations requested
2007.05.21 10:05:47 LOG7[3680:2936]: 0 session cache hits
2007.05.21 10:05:47 LOG7[3680:2936]: 0 session cache misses
2007.05.21 10:05:47 LOG7[3680:2936]: 0 session cache timeouts
2007.05.21 10:05:47 LOG6[3680:2936]: SSL accepted: new session negotiated
2007.05.21 10:05:47 LOG6[3680:2936]: Negotiated ciphers: RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
2007.05.21 10:05:47 LOG7[3680:2936]: FD 260 in non-blocking mode
2007.05.21 10:05:47 LOG7[3680:2936]: https connecting 127.0.0.1:44300
2007.05.21 10:05:47 LOG7[3680:2936]: connect_wait: waiting 10 seconds
2007.05.21 10:05:47 LOG7[3680:2936]: connect_wait: connected
2007.05.21 10:05:47 LOG5[3680:2936]: https connected remote server from 127.0.0.1:1645
2007.05.21 10:05:47 LOG7[3680:2936]: Remote FD=260 initialized
2007.05.21 10:05:47 LOG7[3680:2936]: TCP_NODELAY option set on remote socket
2007.05.21 10:05:47 LOG7[3680:2936]: Socket closed on read
2007.05.21 10:05:47 LOG7[3680:2936]: SSL write shutdown
2007.05.21 10:05:47 LOG7[3680:2936]: SSL alert (write): warning: close notify
2007.05.21 10:05:47 LOG6[3680:2936]: SSL socket closed on SSL_shutdown
2007.05.21 10:05:47 LOG7[3680:2936]: Socket write shutdown
2007.05.21 10:05:47 LOG5[3680:2936]: Connection closed: 0 bytes sent to SSL, 0 bytes sent to socket
2007.05.21 10:05:47 LOG7[3680:2936]: https finished (0 left)
2007.05.21 10:05:50 LOG7[3680:3980]: https accepted FD=208 from 192.168.1.1:1493
2007.05.21 10:05:50 LOG7[3680:3980]: Creating a new thread
2007.05.21 10:05:50 LOG7[3680:3980]: New thread created
2007.05.21 10:05:50 LOG7[3680:2996]: https started
2007.05.21 10:05:50 LOG7[3680:2996]: FD 208 in non-blocking mode
2007.05.21 10:05:50 LOG7[3680:2996]: TCP_NODELAY option set on local socket
2007.05.21 10:05:50 LOG5[3680:2996]: https accepted connection from 192.168.1.1:1493
2007.05.21 10:05:50 LOG7[3680:2996]: SSL state (accept): before/accept initialization
2007.05.21 10:05:50 LOG7[3680:2996]: SSL state (accept): SSLv3 read client hello A
2007.05.21 10:05:50 LOG7[3680:2996]: SSL state (accept): SSLv3 write server hello A
2007.05.21 10:05:50 LOG7[3680:2996]: SSL state (accept): SSLv3 write change cipher spec A
2007.05.21 10:05:50 LOG7[3680:2996]: SSL state (accept): SSLv3 write finished A
2007.05.21 10:05:50 LOG7[3680:2996]: SSL state (accept): SSLv3 flush data
2007.05.21 10:05:50 LOG7[3680:2996]: SSL state (accept): SSLv3 read finished A
2007.05.21 10:05:50 LOG7[3680:2996]: 1 items in the session cache
2007.05.21 10:05:50 LOG7[3680:2996]: 0 client connects (SSL_connect())
2007.05.21 10:05:50 LOG7[3680:2996]: 0 client connects that finished
2007.05.21 10:05:50 LOG7[3680:2996]: 0 client renegotiations requested
2007.05.21 10:05:50 LOG7[3680:3980]: https accepted FD=260 from 192.168.1.1:1494
2007.05.21 10:05:50 LOG7[3680:2996]: 2 server connects (SSL_accept())
2007.05.21 10:05:50 LOG7[3680:3980]: Creating a new thread
2007.05.21 10:05:50 LOG7[3680:2996]: 2 server connects that finished
2007.05.21 10:05:50 LOG7[3680:3980]: New thread created
2007.05.21 10:05:50 LOG7[3680:2996]: 0 server renegotiations requested
2007.05.21 10:05:50 LOG7[3680:2996]: 1 session cache hits
2007.05.21 10:05:50 LOG7[3680:2996]: 0 session cache misses
2007.05.21 10:05:50 LOG7[3680:2996]: 0 session cache timeouts
2007.05.21 10:05:50 LOG6[3680:2996]: SSL accepted: previous session reused
2007.05.21 10:05:50 LOG7[3680:2996]: FD 288 in non-blocking mode
2007.05.21 10:05:50 LOG7[3680:2996]: https connecting 127.0.0.1:44300
2007.05.21 10:05:50 LOG7[3680:2996]: connect_wait: waiting 10 seconds
2007.05.21 10:05:50 LOG7[3680:2996]: connect_wait: connected
2007.05.21 10:05:50 LOG7[3680:4008]: https started
2007.05.21 10:05:50 LOG5[3680:2996]: https connected remote server from 127.0.0.1:1646
2007.05.21 10:05:50 LOG7[3680:2996]: Remote FD=288 initialized
2007.05.21 10:05:50 LOG7[3680:2996]: TCP_NODELAY option set on remote socket
2007.05.21 10:05:50 LOG7[3680:2996]: Socket closed on read
2007.05.21 10:05:50 LOG7[3680:2996]: SSL socket closed on SSL_read
2007.05.21 10:05:50 LOG7[3680:2996]: Socket write shutdown
2007.05.21 10:05:50 LOG5[3680:2996]: Connection closed: 0 bytes sent to SSL, 0 bytes sent to socket
2007.05.21 10:05:50 LOG7[3680:2996]: https finished (1 left)
2007.05.21 10:05:50 LOG7[3680:4008]: FD 260 in non-blocking mode
2007.05.21 10:05:50 LOG7[3680:4008]: TCP_NODELAY option set on local socket
2007.05.21 10:05:50 LOG5[3680:4008]: https accepted connection from 192.168.1.1:1494
2007.05.21 10:05:50 LOG7[3680:4008]: SSL state (accept): before/accept initialization
2007.05.21 10:05:50 LOG7[3680:4008]: SSL state (accept): SSLv3 read client hello A
2007.05.21 10:05:50 LOG7[3680:4008]: SSL state (accept): SSLv3 write server hello A
2007.05.21 10:05:50 LOG7[3680:4008]: SSL state (accept): SSLv3 write change cipher spec A
2007.05.21 10:05:50 LOG7[3680:4008]: SSL state (accept): SSLv3 write finished A
2007.05.21 10:05:50 LOG7[3680:4008]: SSL state (accept): SSLv3 flush data
2007.05.21 10:05:50 LOG7[3680:4008]: SSL state (accept): SSLv3 read finished A
2007.05.21 10:05:50 LOG7[3680:4008]: 1 items in the session cache
2007.05.21 10:05:50 LOG7[3680:4008]: 0 client connects (SSL_connect())
2007.05.21 10:05:50 LOG7[3680:4008]: 0 client connects that finished
2007.05.21 10:05:50 LOG7[3680:4008]: 0 client renegotiations requested
2007.05.21 10:05:50 LOG7[3680:4008]: 3 server connects (SSL_accept())
2007.05.21 10:05:50 LOG7[3680:4008]: 3 server connects that finished
2007.05.21 10:05:50 LOG7[3680:4008]: 0 server renegotiations requested
2007.05.21 10:05:50 LOG7[3680:4008]: 2 session cache hits
2007.05.21 10:05:50 LOG7[3680:4008]: 0 session cache misses
2007.05.21 10:05:50 LOG7[3680:4008]: 0 session cache timeouts
2007.05.21 10:05:50 LOG6[3680:4008]: SSL accepted: previous session reused
2007.05.21 10:05:50 LOG7[3680:4008]: FD 216 in non-blocking mode
2007.05.21 10:05:50 LOG7[3680:4008]: https connecting 127.0.0.1:44300
2007.05.21 10:05:50 LOG7[3680:4008]: connect_wait: waiting 10 seconds
2007.05.21 10:05:50 LOG7[3680:4008]: connect_wait: connected
2007.05.21 10:05:50 LOG5[3680:4008]: https connected remote server from 127.0.0.1:1647
2007.05.21 10:05:50 LOG7[3680:4008]: Remote FD=216 initialized
2007.05.21 10:05:50 LOG7[3680:4008]: TCP_NODELAY option set on remote socket
2007.05.21 10:05:50 LOG7[3680:4008]: Socket closed on read
2007.05.21 10:05:50 LOG7[3680:4008]: SSL write shutdown
2007.05.21 10:05:50 LOG7[3680:4008]: SSL alert (write): warning: close notify
2007.05.21 10:05:50 LOG6[3680:4008]: SSL socket closed on SSL_shutdown
2007.05.21 10:05:50 LOG7[3680:4008]: Socket write shutdown
2007.05.21 10:05:50 LOG5[3680:4008]: Connection closed: 0 bytes sent to SSL, 540 bytes sent to socket
2007.05.21 10:05:50 LOG7[3680:4008]: https finished (0 left)
I have HFS set up to listen to port 44300, and have everything set up EXACTLY as described in this forum by GeeS (his update) and I can not get it to allow me to get to the server after activating STunnel. I can access it all day long without STunnel via port 81 (ISP blocks 80), but when I go through the steps to set up STunnel, I can not access it via HTTPS, but can HTTP.
Does anyone have any thoughts on why this wouldn't be working in my case?
Thanks, in advance, for any help!