[Gug-cvs] gug/etc stunnel.conf,NONE,1.1
Status: Planning
Brought to you by:
szferi
Menu
▾
▴
[Gug-cvs] gug/etc stunnel.conf,NONE,1.1
|
From: Roczei G. <ro...@us...> - 2007-07-24 18:45:21
|
Update of /cvsroot/gug/gug/etc In directory sc8-pr-cvs2.sourceforge.net:/tmp/cvs-serv11141 Added Files: stunnel.conf Log Message: stunnel4 config HTTP HTTP HTTPS GUG client <-------> Eclipse TCP/IP monitor <-----> stunnel4 <------> GUG server --- NEW FILE: stunnel.conf --- ; Sample stunnel configuration file by Michal Trojnara 2002-2006 ; Some options used here may not be adequate for your particular configuration ; Please make sure you understand them (especially the effect of chroot jail) ; Certificate/key is needed in server mode and optional in client mode cert = /etc/stunnel/roadwarrior_cert.pem key = /etc/stunnel/roadwarrior_key.pem ; Protocol version (all, SSLv2, SSLv3, TLSv1) sslVersion = SSLv3 ; Some security enhancements for UNIX systems - comment them out on Win32 chroot = /var/lib/stunnel4/ setuid = stunnel4 setgid = stunnel4 ; PID is created inside chroot jail pid = /stunnel4.pid ; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 ;compression = rle ; Workaround for Eudora bug ;options = DONT_INSERT_EMPTY_FRAGMENTS ; Authentication stuff ;verify = 2 ; Don't forget to c_rehash CApath ; CApath is located inside chroot jail ;CApath = /certs ; It's often easier to use CAfile CAfile = /etc/stunnel/gugca_cert.pem ; Don't forget to c_rehash CRLpath ; CRLpath is located inside chroot jail ;CRLpath = /crls ; Alternatively you can use CRLfile ;CRLfile = /etc/stunnel/crls.pem ; Some debugging stuff useful for troubleshooting debug = 7 output = /var/log/stunnel4/stunnel.log ; Use it for client mode client = yes ; Service-level configuration [gridsite] accept = localhost:30000 connect = gridsite.grid.niif.hu:21111 ;[storage] ;accept = localhost:50000 ;connect = storage.grid.niif.hu:21111 ; vim:ft=dosini |
