It’s because the web site GETs a request for http://127.0.0.1/ not for http://www.stunnel.org/
Just as an academic exercise, you may want to add this line to your hosts file (usually in \windows\system32\drivers\etc\hosts): 127.0.0.1 www.stunnel.net Then change your connect line to the IP address of www.stunnel.net (now 104.239.213.7 or 198.105.254.11). And test again. Saludos Jose Alfredo Diaz > On Nov 2, 2017, at 7:30 AM, Osvald Brko <[email protected]> wrote: > > Hello, > I try to use stunnel for web browsing (https), and I am not successful. > (While mail client against IMAP server works fine). > Can anybody give me a hint what to try? > > The situation: > Windows XP SP3, MSIE 8 (or Firefox 43.0.1. for check), stunnel 5.42 > > stunnel.conf : > > debug = 7 > [https_test] > client = yes > accept = 127.0.0.1:8888 > connect = www.stunnel.org:443 > > http://127.0.0.1:8888/ -> Error HTTP 404 Not Found > > 2017.11.02 13:01:50 LOG7[main]: Running on Windows 5.1 > 2017.11.02 13:01:50 LOG7[main]: No limit detected for the number of clients > 2017.11.02 13:01:50 LOG5[main]: stunnel 5.42 on x86-pc-msvc-1500 platform > 2017.11.02 13:01:50 LOG5[main]: Compiled/running with OpenSSL 1.0.2l-fips 25 > May 2017 > 2017.11.02 13:01:50 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 > TLS:ENGINE,FIPS,OCSP,PSK,SNI > 2017.11.02 13:01:50 LOG7[main]: errno: (*_errno()) > 2017.11.02 13:01:50 LOG7[ui]: GUI message loop initialized > 2017.11.02 13:01:50 LOG7[main]: Running on Windows 5.1 > 2017.11.02 13:01:50 LOG5[main]: Reading configuration from file stunnel.conf > 2017.11.02 13:01:50 LOG5[main]: UTF-8 byte order mark detected > 2017.11.02 13:01:50 LOG5[main]: FIPS mode disabled > 2017.11.02 13:01:50 LOG7[main]: Compression disabled > 2017.11.02 13:01:50 LOG7[main]: PRNG seeded successfully > 2017.11.02 13:01:50 LOG6[main]: Initializing service [XXXXXX-imap] > 2017.11.02 13:01:50 LOG7[main]: Ciphers: HIGH:!DH:!aNULL:!SSLv2 > 2017.11.02 13:01:50 LOG7[main]: TLS options: 0x03000004 (+0x03000000, > -0x00000000) > 2017.11.02 13:01:50 LOG7[main]: No certificate or private key specified > 2017.11.02 13:01:50 LOG6[main]: Initializing service [https_test] > 2017.11.02 13:01:50 LOG7[main]: Ciphers: HIGH:!DH:!aNULL:!SSLv2 > 2017.11.02 13:01:50 LOG7[main]: TLS options: 0x03000004 (+0x03000000, > -0x00000000) > 2017.11.02 13:01:50 LOG7[main]: No certificate or private key specified > 2017.11.02 13:01:50 LOG4[main]: Service [https_test] needs authentication to > prevent MITM attacks > 2017.11.02 13:01:50 LOG5[main]: Configuration successful > 2017.11.02 13:01:50 LOG7[main]: Listening file descriptor created (FD=236) > 2017.11.02 13:01:50 LOG7[main]: Service [XXXXXX-imap] (FD=236) bound to > 127.0.0.1:143 > 2017.11.02 13:01:50 LOG7[main]: Listening file descriptor created (FD=260) > 2017.11.02 13:01:50 LOG7[main]: Service [https_test] (FD=260) bound to > 127.0.0.1:8888 > 2017.11.02 13:01:50 LOG7[cron]: Cron thread initialized > 2017.11.02 13:02:11 LOG7[main]: Found 1 ready file descriptor(s) > 2017.11.02 13:02:11 LOG7[main]: FD=236 ifds=r-x ofds=--- > 2017.11.02 13:02:11 LOG7[main]: FD=248 ifds=r-x ofds=--- > 2017.11.02 13:02:11 LOG7[main]: Service [https_test] accepted (FD=304) from > 127.0.0.1:3424 > 2017.11.02 13:02:11 LOG7[main]: Creating a new thread > 2017.11.02 13:02:11 LOG7[main]: New thread created > 2017.11.02 13:02:11 LOG7[0]: Service [https_test] started > 2017.11.02 13:02:11 LOG7[0]: Option TCP_NODELAY set on local socket > 2017.11.02 13:02:11 LOG5[0]: Service [https_test] accepted connection from > 127.0.0.1:3424 > 2017.11.02 13:02:11 LOG6[0]: s_connect: connecting 207.192.69.165:443 > 2017.11.02 13:02:11 LOG7[0]: s_connect: s_poll_wait 207.192.69.165:443: > waiting 10 seconds > 2017.11.02 13:02:11 LOG5[0]: s_connect: connected 207.192.69.165:443 > 2017.11.02 13:02:11 LOG5[0]: Service [https_test] connected remote server > from XX.XXX.XXX.XXX:3425 > 2017.11.02 13:02:11 LOG7[0]: Option TCP_NODELAY set on remote socket > 2017.11.02 13:02:11 LOG7[0]: Remote descriptor (FD=320) initialized > 2017.11.02 13:02:11 LOG6[0]: SNI: sending servername: www.stunnel.org > 2017.11.02 13:02:11 LOG6[0]: Peer certificate not required > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): before/connect > initialization > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv2/v3 write client hello > A > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 read server hello A > 2017.11.02 13:02:11 LOG6[0]: Certificate verification disabled > 2017.11.02 13:02:11 LOG6[0]: Certificate verification disabled > 2017.11.02 13:02:11 LOG6[0]: Certificate verification disabled > 2017.11.02 13:02:11 LOG6[0]: Certificate verification disabled > 2017.11.02 13:02:11 LOG6[0]: Certificate verification disabled > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 read server > certificate A > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 read server key > exchange A > 2017.11.02 13:02:11 LOG6[0]: Client certificate not requested > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 read server done A > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 write client key > exchange A > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 write change cipher > spec A > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 write finished A > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 flush data > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 read server session > ticket A > 2017.11.02 13:02:11 LOG7[0]: TLS state (connect): SSLv3 read finished A > 2017.11.02 13:02:11 LOG7[0]: 1 client connect(s) requested > 2017.11.02 13:02:11 LOG7[0]: 1 client connect(s) succeeded > 2017.11.02 13:02:11 LOG7[0]: 0 client renegotiation(s) requested > 2017.11.02 13:02:11 LOG7[0]: 0 session reuse(s) > 2017.11.02 13:02:11 LOG6[0]: TLS connected: new session negotiated > 2017.11.02 13:02:11 LOG7[0]: Peer certificate was cached (7519 bytes) > 2017.11.02 13:02:11 LOG6[0]: Negotiated TLSv1.2 ciphersuite > ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption) > 2017.11.02 13:02:11 LOG7[0]: Compression: null, expansion: null > 2017.11.02 13:02:16 LOG7[0]: TLS alert (read): warning: close notify > 2017.11.02 13:02:16 LOG6[0]: TLS closed (SSL_read) > 2017.11.02 13:02:16 LOG7[0]: Sent socket write shutdown > 2017.11.02 13:02:21 LOG3[0]: readsocket: Connection reset by peer > (WSAECONNRESET) (10054) > 2017.11.02 13:02:21 LOG5[0]: Connection reset: 565 byte(s) sent to TLS, 399 > byte(s) sent to socket > 2017.11.02 13:02:21 LOG7[0]: Remote descriptor (FD=320) closed > 2017.11.02 13:02:21 LOG7[0]: Local descriptor (FD=304) closed > 2017.11.02 13:02:21 LOG7[0]: Service [https_test] finished (0 left) > 2017.11.02 13:02:50 LOG6[cron]: Executing cron jobs > 2017.11.02 13:02:50 LOG6[cron]: Cron jobs completed in 0 seconds > 2017.11.02 13:02:50 LOG7[cron]: Waiting 86400 seconds > _______________________________________________ > stunnel-users mailing list > [email protected] > https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
