Solaris tip of the week: Use stunnel in client mode to debug SSL connections
While this is not the standard use case for the Solaris-bundled stunnel application, stunnel can be used in 'client mode' as a reverse SSL proxy, which comes in handy when you are trying to debug an HTTP protocol or header problem that is wrapped inside SSL.
When stunnel runs in client mode, it acts as a localhost proxy for cleartext HTTP to HTTPS communications:
http client (HTTP:80) -> stunnel localhost client proxy -> https://[remote service]:443
For example, use the following /etc/stunnel/stunnel.conf file to set up a localhost proxy to an https service running on host "remote.host.com":
# cat /etc/stunnel/stunnel.conf
; Security enhancements
chroot = /usr/local/var/stunnel/
setuid = nobody
setgid = nogroup
; PID is created inside chroot jail
pid = /stunnel.pid
; Performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
; Log file
output = /var/log/stunnel.log
; Client mode
client = yes
[http]
accept = 80
connect = remote.host.com:443
TIMEOUTclose = 0
Next, create a chroot jail /usr/local/var/stunnel for stunnel execution as follows:
# Make device node
mkdir -p /usr/local/var/stunnel/dev
mknod /usr/local/var/stunnel/dev/zero c 13 12 || exit $?
chmod a+rw /usr/local/var/stunnel/dev/zero || exit $?
chown nobody /usr/local/var/stunnel || exit $?
Finally, launch stunnel:
# /usr/bin/stunnel (or use SMF: "svcadm enable stunnel")
Connect to your remote service through the localhost:80 stunnel proxy.
For example, you can now connect to https://[remote.host.com]/[remoteurl] as follows:
# curl --include http://Username:Password@localhost/[remoteurl]
HTTP/1.0 200 OK
X-Powered-By: Servlet/2.5
Server: Sun Java System Application Server 9.1_02
Content-Type: application/xml
Content-Length: 516
Date: Tue, 17 Feb 2009 19:39:42 GMT
Via: 1.0 remote.host.com:80 (squid/2.6.STABLE17)
Connection: close
<html><body>hello</body></html>
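As an added example (not from the original post, and not stunnel's own code), the following Python script does the same job as the stunnel client-mode configuration above and shows what makes it useful for debugging: it listens for cleartext HTTP on 127.0.0.1:8080 (an assumed port; the post uses 80, which requires root), opens a TLS connection to remote.host.com:443 for each client, and prints the request and response headers in the clear as they pass through, which is exactly the part that is otherwise hidden inside SSL. One caveat: the stunnel.conf above does not set stunnel's verify option, so the remote certificate is not checked there; this script verifies it against the system CA store by default and only skips that when started with --no-verify.

```python
"""Minimal stunnel-style client-mode proxy for inspecting HTTPS traffic.
Listens for cleartext HTTP on localhost, wraps each connection in TLS to a
remote HTTPS host, and logs request/response headers in the clear.
Added example; not part of the original post or of stunnel itself."""
import socket
import ssl
import sys
import threading

# Assumed settings: the post uses remote.host.com:443 and accept = 80.
LISTEN_HOST, LISTEN_PORT = "127.0.0.1", 8080
REMOTE_HOST, REMOTE_PORT = "remote.host.com", 443


def split_http_head(data: bytes):
    """Split a raw HTTP message into (start line, [(name, value)], body).
    Returns None if the blank line ending the header block is not there yet."""
    end = data.find(b"\r\n\r\n")
    if end < 0:
        return None
    head, body = data[:end], data[end + 4:]
    lines = head.split(b"\r\n")
    start = lines[0].decode("iso-8859-1")
    headers = []
    for line in lines[1:]:
        name, _, value = line.decode("iso-8859-1").partition(":")
        headers.append((name.strip(), value.strip()))
    return start, headers, body


def read_head(sock: socket.socket, limit: int = 64 * 1024) -> bytes:
    """Read until a full header block (or EOF / size limit) has been seen.
    Any body bytes read along with it stay in the buffer and are forwarded."""
    buf = b""
    while b"\r\n\r\n" not in buf and len(buf) < limit:
        chunk = sock.recv(4096)
        if not chunk:
            break
        buf += chunk
    return buf


def tls_context(verify: bool = True) -> ssl.SSLContext:
    """Client-side TLS context; verification on by default, off for lab use."""
    ctx = ssl.create_default_context()
    if not verify:
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def log_head(label: str, raw: bytes) -> None:
    """Print the start line and headers of one side of the exchange."""
    parsed = split_http_head(raw)
    if parsed is None:
        print(f"[{label}] incomplete header block ({len(raw)} bytes)")
        return
    start, headers, _ = parsed
    print(f"[{label}] {start}")
    for name, value in headers:
        print(f"[{label}]   {name}: {value}")


def pump(src: socket.socket, dst: socket.socket) -> None:
    """Copy bytes src -> dst until EOF, then close dst's write side."""
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def handle(client: socket.socket, ctx: ssl.SSLContext) -> None:
    """Proxy one cleartext client connection through TLS to the remote."""
    with client:
        request = read_head(client)
        log_head("request", request)
        raw = socket.create_connection((REMOTE_HOST, REMOTE_PORT))
        with ctx.wrap_socket(raw, server_hostname=REMOTE_HOST) as tls:
            tls.sendall(request)
            # Forward any remaining request body while we wait for the reply.
            threading.Thread(target=pump, args=(client, tls), daemon=True).start()
            response = read_head(tls)
            log_head("response", response)
            client.sendall(response)
            pump(tls, client)


def serve(ctx: ssl.SSLContext) -> None:
    with socket.create_server((LISTEN_HOST, LISTEN_PORT)) as srv:
        print(f"http://{LISTEN_HOST}:{LISTEN_PORT}/ -> https://{REMOTE_HOST}:{REMOTE_PORT}/")
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=handle, args=(conn, ctx), daemon=True).start()


if __name__ == "__main__":
    serve(tls_context(verify="--no-verify" not in sys.argv))
```

Run it, then point curl at http://localhost:8080/[remoteurl] just as the post does with port 80; the request line, the Authorization header curl builds from Username:Password, and the server's response headers all appear on the proxy's stdout. Because the script reads the whole header block before forwarding, it works with HTTP/1.0-style one-request-per-connection clients such as the curl --include call above; keep-alive clients will see only the first request of each connection logged.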
SSLDump is pretty useful as well - http://www.rtfm.com/ssldump/
Posted by Mads on February 18, 2009 at 04:42 PM EST #
Agree with Mads on ssldump.
If you want to do this quickly and are not having to pass authentication,
openssl will also work:
openssl s_client -connect yourserver.com:443
After the SSL handshake you can then type the HTTP protocol:
GET /whatever HTTP/1.0
Posted by Nethead on March 12, 2009 at 12:32 PM EDT #
Or paros (http://www.parosproxy.org)
Posted by Robin on March 16, 2009 at 01:01 PM EDT #