; Drop privileges
setuid = nobody 
setgid = nogroup

; When running under procd, stay in foreground
foreground = yes

; Don't log to stderr, use syslog
syslog = yes

; 1-7. Use 7 for greatest verbosity
;debug = 5

; Starting here, enter your services or uncomment the examples

; Example:
; If your local httpd does not support HTTPS, use stunnel in remote
; mode to forward TLS connections coming in on port 443 to non-TLS
; on port 80.
; Make sure that the cert is available.
;[httpd]
;accept = 443
;connect = 127.0.0.1:80
;cert = /etc/stunnel/stunnel.pem

; Example:
; If your local email client does not support TLS,
; use stunnel in client mode to forward non-TLS connections on
; port 143 to TLS-enabled servername:993.
;[imap]
;client = yes
;accept = 143
;connect = servername:993
; Disable peer verification - be sure to understand the limitations of peer
; verification in stunnel when enabling.
;verify = 0

; Default client section:
; stunnel requires at least one section to start successfully.
; You can safely remove this section once you have configured
; your own. We use client mode here as server requires a certificate.
[dummy]
client = yes
accept = localhost:6000
connect = localhost:6001