lorne-luo · October 4, 2019 06:53
diff --git a/gistfile2.txt b/gistfile2.txt
 https://stackoverflow.com/questions/56176229/quickfix-how-to-use-ssl-in-python

 Yes, quickfix as of the time of writing does not support SSL out of the box. You will need to create a SSL tunnel from your machine manually to the host which requires SSL connectivity. You can do this via 'stunnel'. Posting some configuration below which can hopefully explain how it can be setup.

 STUNNEL CONFIG

 log = append
 output = <path where logs will be written>

 [client]
 client = yes
 accept = <port of your choosing on the local machine for quickfix>
 connect = <ssl host you want to connect to>:<port>
 verifyPeer = yes
 CAfile = <path of certification provided by SSL host>
 checkHost = <ssl host you want to connect to>
 debug = debug

 An example below

 log = append
 output = /home/user/logs

 [client]
 client = yes
 accept = 1589
 connect = 5.854.17.45:446
 verifyPeer = yes
 CAfile = /etc/ssl/certs/ca-cert.pem
 checkHost = 5.854.17.45
 debug = debug

 QUICKFIX CONFIG

 [DEFAULT]
 <Other relevant settings>
 SocketConnectPort=1589
 SocketConnectHost=localhost

 [SESSION]
 <Other relevant settings>

diff --git a/quickfix_build.sh b/quickfix_build.sh
 ./bootstrap
 sudo ./configure --with-openssl=/usr/local/opt/openssl --with-python3 --with-postgresql --prefix=/usr/local

 #mkdir build
 #cd build
 # sudo cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHAVE_SSL=ON -DCMAKE_INSTALL_PREFIX:PATH="/usr/local" ..
 # sudo make -j 4 install

 sudo make
 sudo make install
diff --git a/stunnel b/stunnel
 # mac
 stunnel /usr/local/etc/stunnel/stunnel.conf
 kill `cat /tmp/stunnel/

 # centos
 mkdir /var/run/stunnel
 vi /etc/stunnel/stunnel.conf
 cd /etc/pki/tls/certs
 make stunnel.pem
 sudo chown -R nobody:nobody /var/run/stunnel
	https://stackoverflow.com/questions/56176229/quickfix-how-to-use-ssl-in-python

	Yes, quickfix as of the time of writing does not support SSL out of the box. You will need to create a SSL tunnel from your machine manually to the host which requires SSL connectivity. You can do this via 'stunnel'. Posting some configuration below which can hopefully explain how it can be setup.

	STUNNEL CONFIG

	log = append
	output = <path where logs will be written>

	[client]
	client = yes
	accept = <port of your choosing on the local machine for quickfix>
	connect = <ssl host you want to connect to>:<port>
	verifyPeer = yes
	CAfile = <path of certification provided by SSL host>
	checkHost = <ssl host you want to connect to>
	debug = debug

	An example below

	log = append
	output = /home/user/logs

	[client]
	client = yes
	accept = 1589
	connect = 5.854.17.45:446
	verifyPeer = yes
	CAfile = /etc/ssl/certs/ca-cert.pem
	checkHost = 5.854.17.45
	debug = debug

	QUICKFIX CONFIG

	[DEFAULT]
	<Other relevant settings>
	SocketConnectPort=1589
	SocketConnectHost=localhost

	[SESSION]
	<Other relevant settings>
	./bootstrap
	sudo ./configure --with-openssl=/usr/local/opt/openssl --with-python3 --with-postgresql --prefix=/usr/local

	#mkdir build
	#cd build
	# sudo cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHAVE_SSL=ON -DCMAKE_INSTALL_PREFIX:PATH="/usr/local" ..
	# sudo make -j 4 install

	sudo make
	sudo make install
	# mac
	stunnel /usr/local/etc/stunnel/stunnel.conf
	kill `cat /tmp/stunnel/

	# centos
	mkdir /var/run/stunnel
	vi /etc/stunnel/stunnel.conf
	cd /etc/pki/tls/certs
	make stunnel.pem
	sudo chown -R nobody:nobody /var/run/stunnel