Connect to an https service using an http-only client
Solution 1
Paul had it almost right but under Windows you need to add client = yes to the config file since -c is not a command line parameter for windows stunnel.
The following config works for me
[remote]
client = yes
accept = 8888
connect = google.com:443
I ended up using tstunnel.exe rather than stunnel.exe since that is the command line version of stunnel in Windows. Here's the command:
tstunnel remote_stunnel.conf
Solution 2
stunnel
is what you are after:
sudo stunnel -c -r google.com:443 -d 127.0.0.1:8888
This sets up a SSL session to the remote party (Google in this case), and creates a listener on localhost port 8888. You can use 80 if you don't already have a listener.
Then you access localhost:8888 and you'll get the remote site.
If you are using Windows, then command line options aren't supported, so create a file stunnel.conf
with the parameters within:
[remote]
accept = 8888
connect = google.com:443
Then call it with
stunnel -c stunnel.conf
Solution 3
Here's a node.js script that does what I want:
var http = require('http');
var https = require('https');
http.createServer(function (req, resp) {
var h = req.headers;
h.host = "www.example.com";
var req2 = https.request({ host: h.host, port: 443, path: req.url, method: req.method, headers: h }, function (resp2) {
resp.writeHead(resp2.statusCode, resp2.headers);
resp2.on('data', function (d) { resp.write(d); });
resp2.on('end', function () { resp.end(); });
});
req.on('data', function (d) { req2.write(d); });
req.on('end', function () { req2.end(); });
}).listen(9999, "127.0.0.1");
console.log('Server running at http://127.0.0.1:9999/');
The host and local port are both hardcoded, but it would be easy enough to make them command line parameters.
Related videos on Youtube
Steve
Updated on September 18, 2022Comments
-
Steve over 1 year
Is there a simple command line client that would be invoked something like this:
http2https --listen localhost:80 --connect example.com:443
which would then allow me to effectively connect to
https://example.com
by actually connecting tohttp://localhost
? It would need to work on Windows.I have tried stunnel, but it doesn't seem to work.
Update:
Here's the output of
stunnel.exe -c -r google.com:443 -d 127.0.0.1:8888
No limit detected for the number of clients stunnel 4.56 on x86-pc-msvc-1500 platform Compiled/running with OpenSSL 1.0.1e-fips 11 Feb 2013 Threading:WIN32 Sockets:SELECT,IPv6 SSL:ENGINE,OCSP,FIPS Reading configuration from file -c Cannot read configuration Syntax: stunnel [ [-install | -uninstall] [-quiet] [<filename>] ] | -help | -version | -sockets <filename> - use specified config file -install - install NT service -uninstall - uninstall NT service -quiet - don't display a message box on success -help - get config file help -version - display version and defaults -sockets - display default socket options Server is down
-
Steve about 11 yearsThanks, but it didn't work. The output has been added to the question.
-
Steve about 11 yearsYes, Windows. See the post. When I'm back on my Windows machine, I'll publish a small nodejs app I wrote for this purpose.
-
Steve about 11 yearsWhat is there to try? You just added the windows tag. Thanks for that anyway.
-
Paul about 11 yearsSorry - I meant the updated answer.
-
Paul about 11 years@SteveTaylor Did you try without the -c?
-
Steve about 11 yearsYes, I remember doing it with just a simple config. It died as soon as I hit it with a request. About to post the nodejs solution...
-
sibaz almost 9 yearsAt my time of reading this, I'm using stunnel 4.53 running on linux and it shows a -c option as 'client mode (remote service uses SSL)' which seems to be what was suggested