= Http Proxy with tls = == TinyProxy == https://tinyproxy.github.io/ {{{ ## Configuration ## /etc/tinyproxy/tinyproxy.conf or /etc/tinyproxy.conf /etc/init.d/tinyproxy restart }}} == Stunnel == https://www.stunnel.org/ {{{ ## Server Configuration ## /etc/stunnel/stunnel.conf cert = /etc/stunnel/stunnel.pem sslVersion = TLSv1 chroot = /var/run/stunnel/ setuid = nobody setgid = nobody pid = /stunnel.pid socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 compression = zlib [tinyproxy] accept = 443 connect = 127.0.0.1:8888 }}} {{{ ## For Server ## ## Create Certificate openssl genrsa -out /etc/stunnel/key.pem 2048 openssl req -new -x509 -key /etc/stunnel/key.pem -out /etc/stunnel/cert.pem -days 7300 cat /etc/stunnel/{key.pem,cert.pem} >/etc/stunnel/stunnel.pem mkdir /var/run/stunnel && chown nobody. /var/run/stunnel ## Launch stunnel /etc/stunnel/stunnel.conf }}} {{{ ## Client Configuration ## /etc/stunnel/stunnel.conf cert = /etc/stunnel/stunnel.pem sslVersion = TLSv1 chroot = /var/run/stunnel/ setuid = nobody setgid = nobody pid = /stunnel.pid socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 compression = zlib client = yes [tinyproxy] accept = 9999 connect = $SERVER_IP:443 }}} {{{ ## For Client ## ## Get stunnel.pem from server stunnel /etc/stunnel/stunnel.conf }}}