On Wed, May 16, 2018 at 04:54:05AM +0000, Alex Birchall wrote: > According to the documentation, "client" mode can be "yes" or "no". Default > is "no" - server mode. > > From: stunnel-users [mailto:[email protected]] On Behalf Of > Alex Birchall > Sent: 16 May 2018 05:50 > To: [email protected] > Subject: [stunnel-users] Stunnel running as service on Windows Server 2008 R2 > but Stunnel All Users shortcut on the desktop reports that it server is down? > > Hello, > > I have Stunnel running as a service on a Windows Server 2008 R2. But the > shortcut on the desktop "Stunnel All Users", when launched, informs me that > the server is down due to an "invalid configuration file". > > In the config file, if Stunnel is being run as a service, should it be > "client = no" or "server = yes"?
The "client" setting does not depend on whether you run stunnel as a service or not; the only thing it depends on is what role you want stunnel to play in the TLS tunnel. When stunnel runs in client mode, it accepts unencrypted connections from other programs (e.g. an e-mail client) and establishes a secure tunnel to a TLS server to send the data encrypted over the network. When stunnel runs in server mode, it accepts encrypted connections over the network, decrypts the data, and sends it to a server that does not know how to or does not want to handle the TLS encryption by itself. If you know that you want to run stunnel in server mode (let it accept TLS connections, decrypt the data and hand it off to some server-like application to process it), then it is "client = no". G'luck, Peter -- Peter Pentchev [email protected] [email protected] [email protected] PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
signature.asc
Description: PGP signature
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
