is a software program created to allow secure client-server transfers. Its purpose is to provide encryption via SSL (secure socket layer) to inetd daemons such as POP2, POP3, and IMAP servers.
It can be used with standalone daemons (NNTP, SMTP and HTTP) and tunnelling PPP over network sockets, too.
Since the application is not intended for the average user solid knowledge about encrypted transfers and client server relationship is required.
Installing the tool on the system is not a tough job, but the operation requires a couple of stops that allow the user to select the components to be added as well as to provide information to be added to the certificate request.
During the installation procedure there is the possibility to include self-signed certificate tools and a terminal version of the application for sending the necessary commands.
Details about the country, state, and city or localhost are also requested, but some of the fields may be left blank.
The most important part in stunnel is its configuration. Setting everything up can be done from the main application window, which also lists a brief log of the operations carried out.
Customizing the connection should not be a difficult job for a more advanced user, especially since most of the options are accompanied by tooltips and the configuration is based on a demo file.
Among the options available there is the possibility to enable FIPS 140-2 mode, a security standard for validating cryptographic modules. Furthermore, at least one service must also be defined in the configuration file. Once the program started, the terminal window informs the user of the current setup.
stunnel may appear like a simple application, but the most difficult part is knowing what it is suitable for; and this information is reserved for system administrators.