; Certificate/key is needed in server mode and optional in client mode
cert = /etc/stunnel/stunnel.pem
;key = /usr/etc/stunnel/mail.pem

; Protocol version (all, SSLv2, SSLv3, TLSv1)
sslVersion = all

; Some security enhancements for UNIX systems - comment them out on Win32
chroot = /tmp
setuid = nobody
;setgid = nobody
pid = /stunnel.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS

;verify = 2
;CApath = /certs
;CAfile = /usr/etc/stunnel/certs.pem
;CRLpath = /crls
;CRLfile = /usr/etc/stunnel/crls.pem

; Some debugging stuff useful for troubleshooting
;debug = 7
;output = stunnel.log

; Use it for client mode
;client = yes

; Service-level configuration

;[pop3s]
;accept  = 995
;connect = 110
;
;[imaps]
;accept  = 993
;connect = 143
;
;[ssmtp]
;accept  = 465
;connect = 25

[https]
accept  = 443
connect = 80
TIMEOUTclose = 0

[chilli]
accept  = 3443
connect = 3442
TIMEOUTclose = 0

; vim:ft=dosini