2.6 KiB
2.6 KiB
stunnel
download
docker pull chainguard/stunnel:latest
or
docker pull cgr.dev/ORGANIZATION/stunnel:latest
run
docker run cgr.dev/chainguard/stunnel
or
docker run cgr.dev/chainguard/stunnel:latest
Options
Global options:
chroot = directory to chroot stunnel process
EGD = path to Entropy Gathering Daemon socket
engine = auto|engine_id
engineCtrl = cmd[:arg]
engineDefault = TASK_LIST
foreground = yes|quiet|no foreground mode (don't fork, log to stderr)
log = append|overwrite log file
output = file to append log messages
pid = pid file
RNDbytes = bytes to read from random seed files
RNDfile = path to file with random seed data
RNDoverwrite = yes|no overwrite seed datafiles with new random data
syslog = yes|no send logging messages to syslog
Service-level options:
accept = [host:]port accept connections on specified host:port
CAengine = engine-specific CA certificate identifier for 'verify' option
CApath = CA certificate directory for 'verify' option
CAfile = CA certificate file for 'verify' option
cert = certificate chain
checkEmail = peer certificate email address
checkHost = peer certificate host name pattern
checkIP = peer certificate IP address
ciphers = permitted ciphers for TLS 1.2 or older
ciphersuites = permitted ciphersuites for TLS 1.3
client = yes|no client mode (remote service uses TLS)
config = command[:parameter] to execute
connect = [host:]port to connect
CRLpath = CRL directory
CRLfile = CRL file
curves = ECDH curve names
debug = [facility].level (e.g. daemon.info)
delay = yes|no delay DNS lookup for 'connect' option
engineId = ID of engine to read the key from
engineNum = number of engine to read the key from
exec = file execute local inetd-type program
execArgs = arguments for 'exec' (including $0)
failover = rr|prio failover strategy
ident = username for IDENT (RFC 1413) checking
include = directory with configuration file snippets
key = certificate private key
local = IP address to be used as source for remote connections
logId = connection identifier type
OCSP = OCSP responder URL