net/stunnel/files/stunnel.conf

   1
   2 ; Certificate/key is needed in server mode and optional in client mode
   3 cert = /etc/stunnel/stunnel.pem
   4 ;key = /usr/etc/stunnel/mail.pem
   5
   6 ; Protocol version (all, SSLv2, SSLv3, TLSv1)
   7 sslVersion = all
   8
   9 ; Some security enhancements for UNIX systems - comment them out on Win32
  10 chroot = /tmp
  11 setuid = nobody
  12 ;setgid = nobody
  13 pid = /stunnel.pid
  14
  15 ; Some performance tunings
  16 socket = l:TCP_NODELAY=1
  17 socket = r:TCP_NODELAY=1
  18 ;compression = rle
  19
  20 ; Workaround for Eudora bug
  21 ;options = DONT_INSERT_EMPTY_FRAGMENTS
  22
  23 ;verify = 2
  24 ;CApath = /certs
  25 ;CAfile = /usr/etc/stunnel/certs.pem
  26 ;CRLpath = /crls
  27 ;CRLfile = /usr/etc/stunnel/crls.pem
  28
  29 ; Some debugging stuff useful for troubleshooting
  30 ;debug = 7
  31 ;output = stunnel.log
  32
  33 ; Use it for client mode
  34 ;client = yes
  35
  36 ; Service-level configuration
  37
  38 ;[pop3s]
  39 ;accept  = 995
  40 ;connect = 110
  41 ;
  42 ;[imaps]
  43 ;accept  = 993
  44 ;connect = 143
  45 ;
  46 ;[ssmtp]
  47 ;accept  = 465
  48 ;connect = 25
  49
  50 [https]
  51 accept  = 443
  52 connect = 80
  53 TIMEOUTclose = 0
  54
  55 [chilli]
  56 accept  = 3443
  57 connect = 3442
  58 TIMEOUTclose = 0
  59
  60 ; vim:ft=dosini