mbenedettini/gist:5911415

## gistfile1.txt
; Certificate/key is needed in server mode and optional in client mode
; To generate a self-signed certificate run:
; openssl req -new -x509 -days 365 -nodes -config /usr/share/doc/stunnel4/examples/stunnel.cnf -out stunnel.pem -keyout stunnel.pem
cert = /etc/stunnel/ssl/stunnel.pem

; Protocol version (all, SSLv2, SSLv3, TLSv1)
sslVersion = SSLv3

; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4

; pid file
pid = /stunnel.pid

compression = zlib

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

; Logging
output = /var/log/stunnel4/stunnel.log

[myservice]
accept = 443
; To forward connections to another host use anotherhost:80 (or any other port than 80)
connect = 80
TIMEOUTclose = 0
	; Certificate/key is needed in server mode and optional in client mode
	; To generate a self-signed certificate run:
	; openssl req -new -x509 -days 365 -nodes -config /usr/share/doc/stunnel4/examples/stunnel.cnf -out stunnel.pem -keyout stunnel.pem
	cert = /etc/stunnel/ssl/stunnel.pem

	; Protocol version (all, SSLv2, SSLv3, TLSv1)
	sslVersion = SSLv3

	; Some security enhancements for UNIX systems - comment them out on Win32
	chroot = /var/lib/stunnel4/
	setuid = stunnel4
	setgid = stunnel4

	; pid file
	pid = /stunnel.pid

	compression = zlib

	; Some performance tunings
	socket = l:TCP_NODELAY=1
	socket = r:TCP_NODELAY=1

	; Logging
	output = /var/log/stunnel4/stunnel.log

	[myservice]
	accept = 443
	; To forward connections to another host use anotherhost:80 (or any other port than 80)
	connect = 80
	TIMEOUTclose = 0