need stunnel docs pointer
From: Jay G. Scott (gl_at_csdsun1.arlut.utexas.edu)
Date: 09/08/04
- Previous message: Joerg Schilling: "Re: Broken dtrace documentation"
- Next in thread: Richard S. Shuford: "securing network messages (was: need stunnel docs pointer)"
- Reply: Richard S. Shuford: "securing network messages (was: need stunnel docs pointer)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 8 Sep 2004 18:12:46 +0000 (UTC)
Greetings,
I'll omit a lot, in the interest of brevity.
The basic, original problem was this: 1 server, N clients.
Short, infrequent messages from the clients to the server.
(Real short, like 14 bytes, and, oh, just guessing, an average
of 3 messages/hour; spikes of say, 10msgs/15 sec, but long
stretches of silence.) So performance is not an issue.
I have this working. Now I need to encrypt the messages.
stunnel looks like a quick, easy way to do this. But I'm
confused about how many, what kind, and where to put,
the various certficates. And I also can't puzzle out
the stunnel configuration files.
I've figured out from the stunnel man page that (err,
actually, I may be wrong about this, too) I want
something like this:
servermachine> stunnel server.conffile
clientmachine> stunnel client.conffile
I only need to stunnel my clientprog and serverprog.
I'm getting the impression that there's a Generic stunnel configuration
file? I guess on each of servermachine and clientmachine, in
addition to *.conffile?
Is every client going to need a distinct set of certificates?
Does the server have to get a copy of them?
I have this book on openssl, but it's proving to be more of a
hindrance than a help. I tried to skip the nasty details of
the contents of the certificates, because, right now, I just
want to prove I can get something going. I think I also
skipped the answer I need. Or maybe it's not there.
I __REALLY__ want a pointer to a cookbook. Once I can do
the simple stuff, get my feet wet, then I'll be able to follow
the (grumble) book, I expect.
j.
-- Jay Scott 512-835-3553 gl@arlut.utexas.edu Head of Sun Support, Sr. Operating Systems Specialist Applied Research Labs, Computer Science Div. S224 University of Texas at Austin
- Previous message: Joerg Schilling: "Re: Broken dtrace documentation"
- Next in thread: Richard S. Shuford: "securing network messages (was: need stunnel docs pointer)"
- Reply: Richard S. Shuford: "securing network messages (was: need stunnel docs pointer)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
