<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.12.1">
</HEAD>
<BODY>
I did a simple search on Google for "stunnel Wrong permissions on" and followed the very first link:<BR>
<BR>
<BLOCKQUOTE>
<A HREF="http://ipucu.enderunix.org/view.php?id=973&lang=en">http://ipucu.enderunix.org/view.php?id=973&lang=en</A><BR>
<BR>
<B><TT>"Wrong permissions on /usr/local/etc/stunnel/stunnel.pem"</TT></B><TT> </TT><TT><B><I>- Ýsmail Yenigü</I></B></TT><TT><B><I>l -</I></B></TT><TT><I> (2006-03-07 19:12:40) </I></TT><TT> </TT><TT><B>[1934]</B></TT><TT> </TT><BR>
<BR>
<TT>if you get this error message issue the following command to fix the permission. </TT><BR>
<BR>
<TT># chmod 600 /usr/local/etc/stunnel/stunnel.pem</TT><BR>
</BLOCKQUOTE>
<BR>
HTH. Regards.<BR>
<BR>
On Thu, 2007-06-21 at 12:23 -0400, Van wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">Getting closer. I now get-</FONT>
<FONT COLOR="#000000">[van@mailserver ]$ sudo stunnel /usr/local/etc/stunnel/stunnel.conf </FONT>
<FONT COLOR="#000000">localhost:ipop3</FONT>
<FONT COLOR="#000000">2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ </FONT>
<FONT COLOR="#000000">local/etc/stunnel/mail.pem</FONT>
<FONT COLOR="#000000">2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ </FONT>
<FONT COLOR="#000000">local/etc/stunnel/mail.pem</FONT>
<FONT COLOR="#000000">2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ </FONT>
<FONT COLOR="#000000">local/etc/stunnel/mail.pem</FONT>
<FONT COLOR="#000000">But that doesn't make sense to me. mail.pem permissions are the same </FONT>
<FONT COLOR="#000000">as my cert's and it works fine.</FONT>
<FONT COLOR="#000000">[van@mailserver change_passwd]$ ls -al /usr/local/etc/stunnel/mail.pem</FONT>
<FONT COLOR="#000000">-rw-r--r-- 1 root root 2942 Jun 20 18:21 /usr/local/etc/stunnel/ </FONT>
<FONT COLOR="#000000">mail.pem</FONT>
<FONT COLOR="#000000">[van@mailserver change_passwd]$ ls -al /etc/httpd/certs/www.crt</FONT>
<FONT COLOR="#000000">-rw-r--r-- 1 root root 1074 Jun 1 12:30 /etc/httpd/certs/www.crt</FONT>
<FONT COLOR="#000000">Is the error misleading? Or what should the mail.pem perms be?</FONT>
<FONT COLOR="#000000">Van</FONT>
<FONT COLOR="#000000">On Jun 20, 2007, at 9:33 PM, Kevin Cook wrote:</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> If you are using a stunnel.conf file, I would replace the '-d pop3s </FONT>
<FONT COLOR="#000000">> -r'</FONT>
<FONT COLOR="#000000">> with the absolute path to the .conf file:</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> sudo /usr/local/sbin/stunnel /usr/local/etc/stunnel/stunnel.conf</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> I believe command line options were typically used more in older</FONT>
<FONT COLOR="#000000">> versions, but now all configuration is done in the configuration file.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Kevin</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> -----Original Message-----</FONT>
<FONT COLOR="#000000">> From: Van [mailto:<A HREF="mailto:vanyel@medusa.bioc.aecom.yu.edu">vanyel@medusa.bioc.aecom.yu.edu</A>]</FONT>
<FONT COLOR="#000000">> Sent: Wednesday, June 20, 2007 6:03 PM</FONT>
<FONT COLOR="#000000">> To: <A HREF="mailto:stunnel-users@mirt.net">stunnel-users@mirt.net</A></FONT>
<FONT COLOR="#000000">> Subject: [stunnel-users] Trying to get stunnel to work for forwarding</FONT>
<FONT COLOR="#000000">> pop3sto ipop3 port</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Hello,</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> This is my introduction to stunnel. I've inherited control of a </FONT>
<FONT COLOR="#000000">> pop3 and</FONT>
<FONT COLOR="#000000">> imap server running Red Hat Linux 4 that I want to access via pop3s </FONT>
<FONT COLOR="#000000">> and</FONT>
<FONT COLOR="#000000">> imaps. I'm starting out with securing the pop3 since most users are</FONT>
<FONT COLOR="#000000">> using it.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> I downloaded stunnel 4.20 and compiled it according to the </FONT>
<FONT COLOR="#000000">> instructions</FONT>
<FONT COLOR="#000000">> on stunnel.org.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> I read the certificates section of the site and made a new .pem file</FONT>
<FONT COLOR="#000000">> that I named mail.pem and have in the /usr/local/etc/stunnel/ </FONT>
<FONT COLOR="#000000">> directory</FONT>
<FONT COLOR="#000000">> that /usr/local/etc/stunnel/stunnel.conf asks for. But when I try to</FONT>
<FONT COLOR="#000000">> run stunnel like in the Examples section I get :</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> [van@mailserver ~]$ sudo /usr/local/sbin/stunnel -d pop3s -r</FONT>
<FONT COLOR="#000000">> localhost:ipop3</FONT>
<FONT COLOR="#000000">> 2007.06.20 17:59:54 LOG3[25516:3086419648]: -d: No such file or</FONT>
<FONT COLOR="#000000">> directory (2)</FONT>
<FONT COLOR="#000000">> Syntax:</FONT>
<FONT COLOR="#000000">> stunnel [<filename>] ] -fd <n> | -help | -version | -sockets</FONT>
<FONT COLOR="#000000">> <filename> - use specified config file instead of /usr/local/</FONT>
<FONT COLOR="#000000">> etc/stunnel/stunnel.conf</FONT>
<FONT COLOR="#000000">> -fd <n> - read the config file from a file descriptor</FONT>
<FONT COLOR="#000000">> -help - get config file help</FONT>
<FONT COLOR="#000000">> -version - display version and defaults</FONT>
<FONT COLOR="#000000">> -sockets - display default socket options</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> I'm a little lost here. Never dealt with a .pem file before stunnel.</FONT>
<FONT COLOR="#000000">> I have a self-signed cert I'm successfully using for https webmail on</FONT>
<FONT COLOR="#000000">> the server and guessing stunnel couldn't see that, I appended my file</FONT>
<FONT COLOR="#000000">> 'mailserver.crt' into my mail.pem file and edited stunnel.conf so it</FONT>
<FONT COLOR="#000000">> has</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> ;CAfile = /usr/local/etc/stunnel/certs.pem CAfile =</FONT>
<FONT COLOR="#000000">> /usr/local/etc/stunnel/mail.pem</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> but no dice. Same result.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Trying to debug, I find 'stunnel -V' also gives the same result.</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> Can someone point out what's going wrong?</FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">> -Van</FONT>
<FONT COLOR="#000000">> _______________________________________________</FONT>
<FONT COLOR="#000000">> stunnel-users mailing list</FONT>
<FONT COLOR="#000000">> <A HREF="mailto:stunnel-users@mirt.net">stunnel-users@mirt.net</A></FONT>
<FONT COLOR="#000000">> <A HREF="http://stunnel.mirt.net/mailman/listinfo/stunnel-users">http://stunnel.mirt.net/mailman/listinfo/stunnel-users</A></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">></FONT>
<FONT COLOR="#000000">_______________________________________________</FONT>
<FONT COLOR="#000000">stunnel-users mailing list</FONT>
<FONT COLOR="#000000"><A HREF="mailto:stunnel-users@mirt.net">stunnel-users@mirt.net</A></FONT>
<FONT COLOR="#000000"><A HREF="http://stunnel.mirt.net/mailman/listinfo/stunnel-users">http://stunnel.mirt.net/mailman/listinfo/stunnel-users</A></FONT>
</PRE>
</BLOCKQUOTE>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<BR>
-- <BR>
Gonzalo Diethelm<BR>
gonzalo.diethelm@diethelm.org
</TD>
</TR>
</TABLE>
</BODY>
</HTML>