Sometimes, you need to establish a TLS connection with a distant service but your local client cannot handle it.
You need to use a tool that will encapsulate your local traffic in a TLS connection and establishes the connection with the distant service.
There are several tools (like stunnel or even haproxy) but they are intented to be use in a complexe and intensive use-case. They need therefore to much configuration for a simple usage.
To test or browse my projects of finger or gopher services, I only need a sporadic access. I don’t performances or specific optimizations: the tool must be light and easy to use.
I have thus create a little Perl project, ptlstunnel.
The tool needs at least 2 options:
perl ptlstunnel.pl --frontend 127.0.0.1:7043 --backend gopher.service.tld:7043 --regex angband.t18s.fr(\s+)7043
--fronted: the local bind address and port
--backend: to which server the requests are transfered
--regex: sometimes the content must be modified (like the Gopher links or HTTP) in order to allow the local client
to see data as local
It is also possible to add the option
--tls-verify to check the chain of certificates of the server.
- easy to use
- content rewriting (simple implementation)
- smarter content rewriting
- more SSL configuration options
- rewrite of the documentation