CP+ 3.x Documentation Installation And Maintenance  

STunnel Setup

Related Docs:   SSL Configuration

 

Since many people have difficulty installing OpenSSL and the Net::SSLeay module needed to run CP+ in SSL mode natively, this document suggests an alternative method of enabling SSL encryption. STunnel is the software that SSL-encrypts network services, such as POP3 or IMAP - or even CP+. To set it up, follow these steps:

  1. Install STunnel
    The program is available by default with many Linux distributions, or can be downloaded from www.stunnel.org and compiled for your system.
  2. Create a new tunnel
    Use CP+ SSL Tunnels module to create a new tunnel on port 10001 called ssl-cpplus that uses the Connect to remote host mode to connects to localhost port 10000 (assuming you are running CP+ on port 10000).
    The SSL certificate and key file option should be set to Use CP+ cert, and all of the other options left as their defaults.
  3. Activate the tunnel
    Click the Apply Changes button in the SSL Tunnels module to activate your new tunnel.
  4. Configure CP+ so that it knows about the SSL tunnel
    Add the line inetd_ssl=1 to /etc/cpplus/miniserv.conf and run /etc/cpplus/stop ; /etc/cpplus/start.
  5. Login to CP+ in SSL mode
    You should now be able to connect to https://yourhostname:10001/ and login as normal. The old URL on port 10000 will no longer work properly.

Related Docs:   SSL Configuration


Home   Features   Pricing   Resellers   Docs   News   Contact
© Copyright 1998-2006. Positive Software Corporation.
All rights reserved.
Disclaimer