config/stunnel/stunnel.conf

   1 ; File: /etc/stunnel/stunnel.conf
   2
   3 ; Note: The pid and output locations are relative to the chroot location.
   4
   5 pid    = /run/stunnel.pid
   6 chroot = /var/lib/stunnel
   7 client = no
   8 setuid = stunnel
   9 setgid = stunnel
  10 cert   = /etc/stunnel/stunnel.pem
  11
  12 ;debug = 7
  13 ;output = stunnel.log
  14
  15 ;[https]
  16 ;accept  = 443
  17 ;connect = 80
  18 ;; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SSL
  19 ;; Microsoft implementations do not use SSL close-notify alert and thus
  20 ;; they are vulnerable to truncation attacks
  21 ;TIMEOUTclose = 0