; Certificate/key is needed in server mode and optional in client mode
cert = ${WORKING_DIR}/public.pem
key = ${WORKING_DIR}/private.pem

; Protocol version (all, SSLv2, SSLv3, TLSv1)
sslVersion = all

; Some security enhancements for UNIX systems - comment them out on Win32
;chroot = /var/run/stunnel/

; PID is created inside the chroot jail
;pid = /stunnel.pid
pid = ${WORKING_DIR}/stunnel.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = zlib

; Some debugging stuff useful for troubleshooting
debug = 7
;output = /var/log/stunnel/stunnel.log
;foreground = yes

; Use it for client mode
;client = yes                     !! turn to server mode

; Service-level configuration
[websocket]
accept = ${HTTPS_PORT}
connect = 127.1.1.1:${SERVER_PORT}
transparent = source
#transparent = yes