Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Stunnel
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{multiple issues|{{primary sources|date=January 2024}}{{more citations needed|date=January 2024}}}} {{short description|Free software TLS/SSL tunneling implementation}} {{Use dmy dates|date=July 2019}} {{Infobox software | name = stunnel | logo = Stunnel logo.png | developer = Michał Trojnara | released = {{Start date and age|1998|02|11|df=yes}}<ref>{{Cite web |title=stunnel change log|url=https://www.stunnel.org/NEWS.html |access-date=2024-03-02 |website=stunnel.org |language=en}}</ref> | latest release version = {{wikidata|property|preferred|references|edit|P348|P548=Q2804309}} | latest release date = {{Start date and age|{{wikidata|qualifier|preferred|single|P348|P548=Q2804309|P577}}|df=yes}} | repo = {{URL|https://www.stunnel.org/downloads.html}} | programming language = C<ref>{{cite web|url=https://github.com/mtrojnar/stunnel/tree/master/src|title=stunnel sources|last=Trojnara|first=Michał|website=GitHub|access-date=12 May 2020}}</ref> | operating system = Multi-platform | genre = [[Proxy server|Proxy]], [[Encryption]] | license = [[GNU General Public License]] | website = {{Official URL}} }} '''Stunnel''' is an [[open-source software|open-source]] multi-platform [[application software|application]] used to provide a universal [[Transport Layer Security|TLS/SSL]] [[Tunneling protocol|tunneling]] service. Stunnel is used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively.<ref>O'Donovan, Barry (October 2004). [http://linuxgazette.net/107/odonovan.html "Secure Communication with Stunnel"]. ''[[Linux Gazette]]'', Issue 107.</ref> It runs on a variety of operating systems,<ref>{{Cite web |url=https://www.stunnel.org/PORTS.html |title="stunnel: Ports" |access-date=24 August 2020 |archive-date=1 April 2019 |archive-url=https://web.archive.org/web/20190401195456/http://www.stunnel.org/ports.html |url-status=dead }}</ref> including most [[Unix-like]] operating systems and [[Microsoft Windows|Windows]]. Stunnel relies on the [[OpenSSL]] [[Library (computing)|library]] to implement the underlying TLS or SSL protocol. Stunnel uses [[public-key cryptography]] with [[X.509]] [[Public key certificate|digital certificates]] to secure the SSL connection, and clients can optionally be authenticated via a certificate.<ref>[https://www.stunnel.org/static/stunnel.html "stunnel(8) manual"]</ref> If [[Linker (computing)|linked]] against [[TCP Wrapper|libwrap]], it can be configured to act as a [[proxy server|proxy]]–[[firewall (networking)|firewall]] service as well.{{Citation needed|date=October 2023}} Stunnel is maintained by Polish programmer Michał Trojnara and released under the terms of the [[GNU General Public License]] (GPL) with [[OpenSSL]] exception.<ref>{{Cite web |title=stunnel license (see COPYRIGHT.md for detailed GPL conditions) |url=https://www.stunnel.org/COPYING.html |access-date=2024-03-02 |website=stunnel.org |language=en}}</ref> ==Example== A stunnel can be used to provide a secure [[Transport Layer Security|SSL]] connection to an existing non-SSL-aware [[Simple Mail Transfer Protocol|SMTP]] mail server. Assuming the SMTP server expects TCP connections on [[Port (computer networking)|port]] 25, the stunnel would be configured to map the SSL port 465 to non-SSL port 25. A mail client connects via SSL to port 465. Network traffic from the client initially passes over SSL to the stunnel application, which transparently encrypts and decrypts traffic and forwards unsecured traffic to port 25 locally. The mail server sees a non-SSL mail client.{{citation needed|date=October 2019}} The stunnel process could be running on the same or a different server from the unsecured mail application; however, both machines would typically be behind a firewall on a secure [[internal network]] (so that an intruder could not make its own unsecured connection directly to port 25).{{Citation needed|date=October 2023}} == See also == * [[Tunneling protocol]] ==References== {{Reflist}} ==External links== * {{Official website}} {{Cryptographic software}} {{TLS/SSL}} {{Portal bar|Free and open-source software}} [[Category:Cryptographic software]] [[Category:Free security software]] [[Category:Unix network-related software]] [[Category:Transport Layer Security implementation]] [[Category:Tunneling protocols]] [[Category:Network protocols]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)
Pages transcluded onto the current version of this page
(
help
)
:
Template:Citation needed
(
edit
)
Template:Cite web
(
edit
)
Template:Cryptographic software
(
edit
)
Template:Infobox
(
edit
)
Template:Infobox software
(
edit
)
Template:Main other
(
edit
)
Template:Multiple issues
(
edit
)
Template:Official website
(
edit
)
Template:Portal bar
(
edit
)
Template:Reflist
(
edit
)
Template:Short description
(
edit
)
Template:TLS/SSL
(
edit
)
Template:Template other
(
edit
)
Template:Use dmy dates
(
edit
)