ghostunnel

We have hosted the application ghostunnel in order to run this application in our online workstations with Wine or directly.

Quick description about ghostunnel:

Ghostunnel is a simple TLS proxy with mutual authentication support for securing non-TLS backend applications. Ghostunnel supports two modes, client mode and server mode. Ghostunnel in server mode runs in front of a backend server and accepts TLS-secured connections, which are then proxied to the (insecure) backend. A backend can be a TCP domain/port or a UNIX domain socket. Ghostunnel in client mode accepts (insecure) connections through a TCP or UNIX domain socket and proxies them to a TLS-secured service. In other words, ghostunnel is a replacement for stunnel. Ghostunnel is developed primarily for Linux and Darwin (macOS), although it should run on any UNIX system that exposes SO_REUSEPORT, including FreeBSD, OpenBSD and NetBSD. Ghostunnel also supports running on Windows, though with a reduced feature set.

Features:

• Ghostunnel enforces mutual authentication by requiring a valid client certificate for all connections
• Ghostunnel can reload certificates at runtime without dropping existing connections
• In server mode, Ghostunnel can optionally obtain and automatically renew a public TLS certificate via the ACME protocol
• Ghostunnel has a built-in status feature that can be used to collect metrics and monitor a running instance
• We have put some thought into making Ghostunnel secure by default and prevent accidental misconfiguration
• Emphasis on security

Programming Language: Go.
Categories: