
Friday, June 08, 2018

Quicknote: install stunnel as service

stunnel is an open-source multi-platform application used to provide universal TLS/SSL tunneling service. stunnel is used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively.

Installation and setup are pretty standard, and the configuration is read from the stunnel.conf file. Here is how you can set up and configure stunnel on Windows.

To set up the stunnel service as automatic, run this command from a command prompt: "stunnel.exe -install -quiet", and start it.

This installs stunnel as a service. Open the service, set it to automatic, and start it.


How to Configure Stunnel Windows

stunnel is an open-source multi-platform application used to provide universal TLS/SSL tunneling service. stunnel is used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively.

stunnel can be used as a TLS proxy. I have used it when we had issues with TLS 1.0 with one of our API endpoints.

Server administrators and home users alike feel the pressure to secure their Internet communications, but not every application supports using Transport Layer Security (TLS). Recently all OS and all major stopped TLS 1.0 support. So we used stunnel as a fallback approach to TLS 1.0.

Step 1
Install Stunnel. Download the Windows binary file from Stunnel.org. Double-click on the executable "stunnel-4.34-installer.exe" and accept the default values for installing Stunnel on your computer.

Step 2
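Copy a valid SSL public certificate to the directory "C:\Program Files (x86)\stunnel". To make things more trouble-free, combine the public key and private key certificates into one .PEM file. Because that file then contains the private key, restrict its file permissions to administrators and the account the stunnel service runs as.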

Step 3
Modify the Stunnel configuration file. Open the file "C:\Program Files (x86)\stunnel\stunnel.conf" using a text editor such as Notepad. Modify the file to include the line "cert = C:\Program Files (x86)\stunnel\," where is the name of your certificate file.

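Here is an example of my config file:

; Global default: every service below runs in client mode
; (accepts plaintext locally, connects to the remote host over TLS)
client = yes

; Local port 4010 -> www.pld.ups.com over TLS 1.2
[myService1]
accept          = 4010
connect         = www.pld.ups.com:443
sslVersion      = TLSv1.2

; Local port 4011 -> wwwcie.ups.com over TLS 1.2
[myService2]
accept          = 4011
connect         = wwwcie.ups.com:443
sslVersion      = TLSv1.2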

Step 4
Configure Stunnel to start automatically. Navigate to the Start menu, "stunnel" folder and click on "Service Install." Stunnel will configure a Windows service called "stunnel" to start automatically when the computer boots.
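
The following audit of the Step 3 configuration is an added example, not the author's or the stunnel project's code. It parses stunnel.conf-style text and flags client-mode services that do not verify the server certificate (stunnel's `verifyChain` / `verifyPeer` options), that verify the chain without `checkHost`, or whose `accept` port listens on all interfaces instead of an address such as 127.0.0.1. The function names and finding strings are this example's own, and the legacy `verify` option is not evaluated.

```python
# Constructed sample: the client-mode configuration shown in the post.
SAMPLE_CONF = """\
client = yes
[myService1]
accept          = 4010
connect         = www.pld.ups.com:443
sslVersion      = TLSv1.2

[myService2]
accept          = 4011
connect         = wwwcie.ups.com:443
sslVersion      = TLSv1.2
"""

def parse_conf(text):
    """Split stunnel.conf text into (global options, {service: options})."""
    defaults, services = {}, {}
    current = defaults
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":        # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = services.setdefault(line[1:-1], {})
            continue
        key, _, value = line.partition("=")
        current[key.strip().lower()] = value.strip()
    return defaults, services

def audit(text):
    """Return (service, finding) pairs for client-mode services."""
    defaults, services = parse_conf(text)
    findings = []
    for name, opts in services.items():
        eff = {**defaults, **opts}             # global-section options act as defaults
        if eff.get("client", "no").lower() != "yes":
            continue
        # Simplification (assumption of this example): "verify = N" is ignored.
        chain = eff.get("verifychain", "no").lower() == "yes"
        pinned = eff.get("verifypeer", "no").lower() == "yes"
        if not (chain or pinned):
            findings.append((name, "server certificate is not verified"))
        elif chain and not pinned and "checkhost" not in eff:
            findings.append((name, "chain verified but host name is not checked"))
        host = eff.get("accept", "").rpartition(":")[0]   # "" when only a port is given
        if host in ("", "0.0.0.0", "::"):
            findings.append((name, "plaintext listener is reachable from other hosts"))
    return findings
```

Calling `audit(SAMPLE_CONF)` returns two findings per service for the configuration above: the server certificate is not verified, and the plaintext port is not bound to loopback.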