• 9
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

Stunnel only for specific domain

I'm configuring stunnel to encapsulate SSL petitions to Haproxy. Haproxy serves several sites in the same IP address:

domain.com - Website
app.domain.com - Node.js webserver

I acquired an SSL certificate that only is valid for site app.domain.com. I would like to configure stunnel to accept petitions to:

https://app.domain.com 

And do not serve petitions to:

https://domain.com

The problem is that if someone tries to acceed to https://domain.com, stunnel encapsulates the app.domain.com certificate (and it's invalid for this domain, of course).

I tried something like this in stunnel.conf:

pid = /var/run/stunnel.pid
output = /var/log/stunnel.log

[https]
cert = /etc/ssl/certs/app.domain.crt
key = /etc/ssl/private/app.domain.key
sni = https:app.domain.com
accept = 443
connect = 80

But when I try to start stunnel I get:

Line 10: End of section https: Each service must define two endpoints
str_stats: 112 block(s), 5843 byte(s)
[Failed: /etc/stunnel/stunnel.conf]
You should check that you have specified the pid= in you configuration file

Any help would be appreciated. Maybe there is another solution like configuring something in haproxy to reject SSL petitions to domain.com.

Trending Tags