xnix:stunnel_tls_tunnel
stunnel 的 TLS Tunnel 精简配置
只介绍 stunnel 作为 TLS Tunnel 的配置文件, 关于证书方面不介绍了.
不作客户端的证书验证, 仅TLS Tunnel
注: 对应新版openssl及stunnel, 以下配置为启用了TLSv1.3. 如果需要查看旧版TLSv1.2, 参看页面修改记录.
sslVersionMin = TLSv1.3 ciphersuites = TLS_AES_256_GCM_SHA384 socket=l:TCP_NODELAY=1 socket=r:TCP_NODELAY=1 pid=/tmp/stunnel.pid sessionCacheTimeout=3600 sessionCacheSize=1000 setuid=65534 setgid=65534 delay=no verify=0 [https] accept=10000 connect=127.0.0.1:11000 CAfile=/usr/local/etc/nginx/ssl/fullchain.pem cert=/usr/local/etc/nginx/ssl/fullchain.pem key=/usr/local/etc/nginx/ssl/privkey.pem
xnix/stunnel_tls_tunnel.txt · 最后更改: 2021/08/18 10:17 由 Hshh