From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Stunnel logo.png
Developer(s)Michał Trojnara
Initial release10 December 1998; 21 years ago (1998-12-10)[citation needed]
Stable release
5.56 / 22 November 2019; 10 months ago (2019-11-22)[1]
Written inC[2]
Operating systemMulti-platform
TypeProxy, Encryption
LicenseGNU General Public License Edit this at Wikidata

Stunnel is an open-source multi-platform application used to provide a universal TLS/SSL tunneling service.

Stunnel can be used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively.[3] It runs on a variety of operating systems,[4] including most Unix-like operating systems and Windows. Stunnel relies on the OpenSSL library to implement the underlying TLS or SSL protocol.

Stunnel uses public-key cryptography with X.509 digital certificates to secure the SSL connection, and clients can optionally be authenticated via a certificate.[5]

If linked against libwrap, it can be configured to act as a proxyfirewall service as well.

Stunnel is maintained by Michał Trojnara and released under the terms of the GNU General Public License (GPL) with OpenSSL exception.

Example scenario[edit]

For example, one could use stunnel to provide a secure SSL connection to an existing non-SSL-aware SMTP mail server. Assuming the SMTP server expects TCP connections on port 25, one would configure stunnel to map the SSL port 465 to non-SSL port 25. A mail client connects via SSL to port 465. Network traffic from the client initially passes over SSL to the stunnel application, which transparently encrypts/decrypts traffic and forwards unsecured traffic to port 25 locally. The mail server sees a non-SSL mail client.[citation needed]

The stunnel process could be running on the same or a different server from the unsecured mail application; however, both machines would typically be behind a firewall on a secure internal network (so that an intruder could not make its own unsecured connection directly to port 25).


  1. ^ Trojnara, Michał. "Downloads". Stunnel. Retrieved 22 November 2019.
  2. ^ Trojnara, Michał. "stunnel sources". GitHub. Retrieved 12 May 2020.
  3. ^ O'Donovan, Barry (October 2004). "Secure Communication with Stunnel". Linux Gazette, Issue 107.
  4. ^ "stunnel: Ports"
  5. ^ "stunnel(8) manual"

External links[edit]