Xnews & SSL

1. Download the most recent Stunnel installer from the Stunnel download page. I recommend using the "Home site" link to make sure you have the newest version. As of this writing, the version is 4.18; If the version has reached 5.0, these instructions are probably outdated, but they may still help you get up and running.
   
   
2. Run the installer, which will place stunnel.exe and the necessary ssl libraries in a directory of your choice. In these instructions, I will assume that you place them in "C:\Program Files\stunnel\", which is the default. If you choose a different directory, make the necessary adjustments as you go through these instructions.
   
   
3. (Recommended, Optional) Stunnel comes packaged with the ssl libraries it needs, but in case a new version of them has been released since the Stunnel package you just downloaded, you should also get the latest openssl.zip from Stunnel's ftp server. Click the most recent directory labeled "binaries", and get the openssl.zip file from there. Unzip the contents of openssl.zip into the same directory in which you installed Stunnel, overwriting the libraries which the stunnel installer placed there. Stunnel will work ok if you skip this step, but you may be missing security updates to OpenSSL.
   
   
4. Now it's time to configure Stunnel. In the Stunnel directory, delete the existing stunnel.conf file or rename it to "stunnel.conf.example". Create a new text document in the same directory and name it "stunnel.conf" (without the quotation marks). Using notepad or another text editor, put the config info into your new stunnel.conf. Cut-and-paste from this web page should work ok.

   text to be placed in stunnel.conf:

   # stunnel should act as a client to remote servers
   client = yes
   
   # connect to the Netscape server
   [netscapenews]
   accept = 127.0.0.1:563
   connect = secnews.netscape.com:563
   

   1. (Optional) If you don't want Stunnel to show up in the taskbar or tray area, add a bit more to stunnel.conf. This bit should be added above what is in there already. I recommend taking this step only after finishing the rest of the instructions and making sure Stunnel is working properly.

      text to be placed in stunnel.conf:

      # stunnel should remain hidden
      taskbar = no
      

   2. (Optional) If you are using an NT-based version of Windows®, you can have Stunnel run as a service. To do that, open a cmd box and run stunnel with the -install switch. Once that's done, Stunnel will be started as a service each time you reboot the OS.

      command to install stunnel as a service:

      > "C:\Program Files\stunnel\stunnel.exe" -install
      

      A window should pop up confirming that the service has been installed. If you later want to stop running Stunnel as a service, execute it with the -uninstall switch. (You may have to use the task manager to kill the running stunnel process before you can uninstall the service.)
   
   
5. Run Stunnel. Just double-click it; you know you want to. (Even if you installed Stunnel as a service, you need to run it now, unless you have already rebooted.)
   
   
6. In Xnews, create a new server by using the Server»New menu item. For the server name, enter "127.0.0.1" (without quotation marks). For server alias, enter "Netscape" or whatever you like. You are then presented with the new server's properties; change the port number to 563. When you click the "ok" button, you're done, and the grouplist should download.

Every time you want to access the secure server, Stunnel must be running. In case you want to do more with Stunnel than just have Xnews connect to a secure server, I recommend the Stunnel faq and man page.