Lab 15 Stunnel - Herrscherr0Z/SYS255 GitHub Wiki

In this lab we configured stunnel for the web01 and mail01 servers.

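Stunnel is a program that works alongside other programs to provide TLS encryption without completely reconfiguring a system.

**How does it work?**

It works as a wrapper around TCP connections: stunnel accepts the encrypted connection on one port, handles the TLS itself, and passes the traffic on to the existing service, which makes the traffic more secure.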

To install stunnel, first type:

```
sudo yum -y install stunnel
```

Then navigate to `/etc/stunnel` and type `sudo vi stunnel.conf`.

Then enter:

```
[https]
accept = 443
connect = 127.0.0.1:80
cert = /etc/stunnel/stunnel.pem
```

Then generate a private key and a self-signed certificate:

```
sudo openssl genrsa -out key.pem 2048
sudo openssl req -new -x509 -key key.pem -out cert.pem -days 1095
```

After that command it will ask for country, state, company, etc.; however, what's important is the hostname, which in this case I put as web01-joshua.joshua.local.

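Then combine the key and certificate into the file that stunnel.conf points to. The redirect has to run as root because both the key and the target file are root-owned:

```
sudo sh -c 'cat key.pem cert.pem >> /etc/stunnel/stunnel.pem'
```

Finally, to run stunnel (as root, since it listens on port 443), type:

```
sudo stunnel stunnel.conf
```

To check that it's working, in my case type https://web01-joshua.joshua.local into the web browser and you should see that it is working!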
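The combined `stunnel.pem` built above holds the private key, and a file created by shell redirection gets whatever permissions the umask allows. The script below is an added example, not part of the original lab: it reads stunnel.conf text and reports services whose `connect` target is not local or whose `cert` file is missing or readable by group/other. The function names are hypothetical, and it assumes forwarding services like the `[https]` section on this page.

```python
import ipaddress
import os
import stat

def parse_stunnel_conf(text):
    """Return {section: {option: value}}; options before any [service] go under "global"."""
    conf, current = {"global": {}}, "global"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):  # blank line or ';' comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip()
            conf[current] = {}
        elif "=" in line:
            key, value = line.split("=", 1)
            conf[current][key.strip()] = value.strip()
    return conf

def is_loopback(target):
    """True when a connect target ("host:port" or a bare port) stays on this host."""
    host = target.rpartition(":")[0]
    if host in ("", "localhost"):
        return True
    try:
        return ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:  # some other hostname: treat as remote
        return False

def audit(conf_text):
    """Return a list of findings, one string per problem, for every service section."""
    conf, findings = parse_stunnel_conf(conf_text), []
    defaults = conf.pop("global")  # options set before any service act as defaults
    for name, svc in conf.items():
        # Assumes forwarding services like [https] on this page (accept + connect).
        findings += [f"[{name}] missing '{o}'" for o in ("accept", "connect") if o not in svc]
        if "connect" in svc and not is_loopback(svc["connect"]):
            findings.append(f"[{name}] plaintext leg leaves the host: {svc['connect']}")
        cert = svc.get("cert", defaults.get("cert"))
        if not cert or not os.path.isfile(cert):
            findings.append(f"[{name}] cert file not found: {cert}")
            continue
        with open(cert) as fh:
            pem = fh.read()
        if "-----BEGIN CERTIFICATE-----" not in pem:
            findings.append(f"[{name}] no certificate in {cert}")
        if "PRIVATE KEY-----" in pem and stat.S_IMODE(os.stat(cert).st_mode) & 0o077:
            findings.append(f"[{name}] {cert} holds a private key, mode allows group/other")
    return findings
```

Run it as root against the contents of `/etc/stunnel/stunnel.conf`; an empty list means none of these checks fired.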

Resource: https://docs.google.com/document/d/1VEFGlgyuYL4ZTUhslSAbCT3TAVRcy7end86vnruD2AI/edit

PDF: (input soon)