61 lines
1.4 KiB
Text
61 lines
1.4 KiB
Text
# Sample stunnel configuration file by Michal Trojnara 2002-2005
|
|
# Some options used here may not be adequate for your particular configuration
|
|
# Please make sure you understand them (especially the effect of chroot jail)
|
|
|
|
# Certificate/key is needed in server mode and optional in client mode
|
|
# cert = /etc/stunnel/stunnel.pem
|
|
# key = /etc/stunnel/stunnel.pem
|
|
|
|
# Some security enhancements for UNIX systems - comment them out on Win32
|
|
# chroot = /chroot/stunnel/
|
|
setuid = stunnel
|
|
setgid = stunnel
|
|
# PID is created inside chroot jail
|
|
pid = /run/stunnel/stunnel.pid
|
|
|
|
# Some performance tunings
|
|
socket = l:TCP_NODELAY=1
|
|
socket = r:TCP_NODELAY=1
|
|
#compression = rle
|
|
|
|
# Workaround for Eudora bug
|
|
#options = DONT_INSERT_EMPTY_FRAGMENTS
|
|
|
|
# Authentication stuff
|
|
#verify = 2
|
|
# Don't forget to c_rehash CApath
|
|
# CApath is located inside chroot jail:
|
|
#CApath = /certs
|
|
# It's often easier to use CAfile:
|
|
#CAfile = /etc/stunnel/certs.pem
|
|
# Don't forget to c_rehash CRLpath
|
|
# CRLpath is located inside chroot jail:
|
|
#CRLpath = /crls
|
|
# Alternatively you can use CRLfile:
|
|
#CRLfile = /etc/stunnel/crls.pem
|
|
|
|
# Some debugging stuff useful for troubleshooting
|
|
#debug = 7
|
|
#output = stunnel.log
|
|
|
|
# Use it for client mode
|
|
#client = yes
|
|
|
|
# Service-level configuration
|
|
|
|
#[pop3s]
|
|
#accept = 995
|
|
#connect = 110
|
|
|
|
#[imaps]
|
|
#accept = 993
|
|
#connect = 143
|
|
|
|
#[ssmtp]
|
|
#accept = 465
|
|
#connect = 25
|
|
|
|
#[https]
|
|
#accept = 443
|
|
#connect = 80
|
|
#TIMEOUTclose = 0
|