Add stunnel example

contrib/stunnel/README.md

@@ -0,0 +1,14 @@
+# HTTPS Support
+
+HTTPLab does not provides support for HTTPS. In order to decrypt TLS traffic, you can use a proxy like Stunnel.
+
+## How?
+```bash
+# Generate a self-signed cert
+./makecert.sh # Hit Enter until it finishes
+
+# Run Stunnel
+./stunnel stunnel.conf
+```
+
+Now you can point your HTTP client to :10443.

contrib/stunnel/makecert.sh

@@ -0,0 +1,29 @@
+#!/bin/sh
+
+if test -n "$1"; then
+    CONF="$1/openssl.cnf"
+else
+    CONF="openssl.cnf"
+fi
+
+if test -n "$2"; then
+    OPENSSL="$2/bin/openssl"
+else
+    OPENSSL=openssl
+fi
+
+if test -n "$3"; then
+    RAND="$3"
+else
+    RAND="/dev/urandom"
+fi
+
+dd if="$RAND" of=stunnel.rnd bs=256 count=1
+$OPENSSL req -new -x509 -days 1461 -rand stunnel.rnd -config $CONF \
+    -out stunnel.pem -keyout stunnel.pem
+rm -f stunnel.rnd
+
+echo
+echo "Certificate details:"
+$OPENSSL x509 -subject -dates -fingerprint -noout -in stunnel.pem
+echo

contrib/stunnel/openssl.cnf

@@ -0,0 +1,47 @@
+# OpenSSL configuration file to create a server certificate
+# by Michal Trojnara 1998-2017
+
+[ req ]
+# comment out the next line to protect the private key with a passphrase
+encrypt_key                     = no
+# the default key length is secure and quite fast - do not change it
+default_bits                    = 2048
+default_md                      = sha1
+x509_extensions                 = stunnel_extensions
+distinguished_name              = stunnel_dn
+
+[ stunnel_extensions ]
+nsCertType                      = server
+basicConstraints                = CA:TRUE,pathlen:0
+keyUsage                        = keyCertSign
+extendedKeyUsage                = serverAuth
+nsComment                       = "stunnel self-signed certificate"
+
+[ stunnel_dn ]
+countryName = Country Name (2 letter code)
+countryName_default             = PL
+countryName_min                 = 2
+countryName_max                 = 2
+
+stateOrProvinceName             = State or Province Name (full name)
+stateOrProvinceName_default     = Mazovia Province
+
+localityName                    = Locality Name (eg, city)
+localityName_default            = Warsaw
+
+organizationName                = Organization Name (eg, company)
+organizationName_default        = Stunnel Developers
+
+organizationalUnitName          = Organizational Unit Name (eg, section)
+organizationalUnitName_default  = Provisional CA
+
+0.commonName                    = Common Name (FQDN of your server)
+0.commonName_default            = localhost
+
+# To create a certificate for more than one name uncomment:
+# 1.commonName                  = DNS alias of your server
+# 2.commonName                  = DNS alias of your server
+# ...
+# See http://home.netscape.com/eng/security/ssl_2.0_certificate.html
+# to see how Netscape understands commonName.
+

contrib/stunnel/stunnel.conf

@@ -0,0 +1,7 @@
+foreground = yes
+debug = info
+
+[httplab]
+accept = 10443
+connect = 10080
+cert = stunnel.pem