tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry Shatzer, Jr." <lar...@gmail.com>
Subject Re: [OT] Tunneling an arbitrary protocol via SSL/TLS
Date Mon, 09 Sep 2013 19:00:35 GMT
On Mon, Sep 9, 2013 at 12:50 PM, Christopher Schultz <
chris@christopherschultz.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> All,
>
> Somewhat off-topic, but I was wondering if anyone knew of any package
> or technique that could be used to tunnel an arbitrary protocol via TLS?
>
> In this particular case, I need to wrap HTTP in TLS (to make HTTPS :)
> without modifying the source of the client -- and the client does not
> support HTTPS. :(
>
> So far, I've come up with the following possibilities:
>
> 1. Use stunnel. This is using a different technique to /avoid/ HTTPS.
> I'm not actually not sure this will work in this particular case, as
> the remote service probably doesn't support stunnel connections. This
> was just an idea for getting a secure, remote connection as easily as
> possible.
>
> 2. Use an HTTP proxy. This obviously wouldn't support an "arbitrary"
> protocol, but I think it would get the job done. Any suggestions for
> simply and free proxy software? About all I need to do is configure a
> client SSL certificate.
>
>
Have you looked at HAProxy? http://haproxy.1wt.eu/


> 3. Hack the code. I'm worried that this may be my only recourse. I'm
> fully capable of writing an HTTPS connector but I'm not sure how hairy
> it will be to actually work within the architecture of this client.
>
> If anyone has any other brilliant ideas, I'd be happy to hear about them.
>
> Thanks,
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.14 (Darwin)
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBCAAGBQJSLhhbAAoJEBzwKT+lPKRYVGYQAMPWcBxF0Spv9q0/8rlS1t2n
> in3hhvnhFI4rrT9zLZcuC+OdAtkZA+Xh6hPzjrqAWIN/aWgdBectDHaEhth7NzoW
> Pn3eZMF6pAOiwFOv2cwZn/PdwUznlFID2vNK2E/ptt/NG1uIrAUhPIawv50mgIgf
> RG/dnMVy1LQnx3IJWc9LJjOg4vgSpvQS1duubXXbEesuo5FP+AtAeXLn+Nd2M978
> Lv+alncdNfa/2GjiKn0Ugx0QGKob2e/IjivF6nc2rvzeun+FwYHkWYI1prcK9fdH
> QJnKBFJFYmobc2e+UlE7U6f5M2vU26OcRGyrHvuqQomRTmjfH6m8WQTeVgfnrXxF
> 7/VPJAq5HzJPPZcTyeUNf3y4QpEPXP2NUds2xUBfE3Juova+6GWmTxzgaEUEKmKD
> ehybAIlHHck/bgchWSDdxAg2aEZQVFRKLv4lGwfXj/Pc7+maqeh4FBMMHVGL+BjM
> lwVWsvbdHjd4rubmYyN9YLieI+IaZ+wvcVhl9yu9grsg3rVBzJR+kFen5PH6+plu
> hQwVPdQ/uXQGGdSSbjW/nck5mzfHsq0JNP89Bp2GeTW8LxAknSJjtRyHAF4u4AI2
> yd5bf8PG1fIe1oAWboMxPO7Hdik5KufWxNTF5zvs0+KMeE8XjEAsgMr3a8G5AIuK
> u3PHl40CBxg/xAFe6pcZ
> =VcjY
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message