VSI-AXPVMS-STUNNEL-V0556-0A-1-RELNOTE.PDF

This document describes Stunnel 5.56 for VSI OpenVMS I64 and Alpha systems, released in June 2020. Stunnel is a proxy designed to add SSL/TLS encryption to existing client and server applications without requiring code changes.

Key points:

• Functionality: This OpenVMS port of Stunnel 5.56 includes all features of the open-source release, except for IPv6 support (planned for a future release). It uses OpenSSL 1.1.1g (statically linked) and is multi-threaded for scalability.
• Installation: It's provided as an OpenVMS PCSI kit (PRODUCT INSTALL STUNNEL). Post-installation requires adding commands to SYSTARTUP_VMS.COM and SYSHUTDWN.COM for automatic startup and shutdown.
• Configuration: Users must create a configuration file (stunnel$root:[etc]stunnel.conf) to define services. Sample configuration files (e.g., for a secure Telnet tunnel) are included.
• Security Note: A self-signed certificate is included for basic testing only and should not be used in production.
• Requirements: VSI OpenVMS Version 8.4-1H1 or higher, VSI/HPE/MultiNet TCP/IP services, and an ODS-5-enabled file system is recommended.
• System Resources: Stunnel requires specific OpenVMS privileges (TMPMBX, NETMBX, BYPASS, SYSPRV, DETACH) and may need increased system quotas and the CHANNELCNT system parameter for high concurrency.
• Documentation: Users are advised to consult the official stunnel.org documentation for detailed usage and configuration.