; Drop privileges setuid = nobody setgid = nogroup ; When running under procd, stay in foreground foreground = yes ; Don't log to stderr, use syslog syslog = yes ; 1-7. Use 7 for greatest verbosity ;debug = 5 ; Starting here, enter your services or uncomment the examples ; Example: ; If your local httpd does not support HTTPS, use stunnel in remote ; mode to forward TLS connections coming in on port 443 to non-TLS ; on port 80. ; Make sure that the cert is available. ;[httpd] ;accept = 443 ;connect = 127.0.0.1:80 ;cert = /etc/stunnel/stunnel.pem ; Example: ; If your local email client does not support TLS, ; use stunnel in client mode to forward non-TLS connections on ; port 143 to TLS-enabled servername:993. ;[imap] ;client = yes ;accept = 143 ;connect = servername:993 ; Disable peer verification - be sure to understand the limitations of peer ; verification in stunnel when enabling. ;verify = 0 ; Default client section: ; stunnel requires at least one section to start successfully. ; You can safely remove this section once you have configured ; your own. We use client mode here as server requires a certificate. [dummy] client = yes accept = localhost:6000 connect = localhost:6001