<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=us-ascii" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.19088"></HEAD>
<BODY>
<DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>stunnel user group,</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>Thanks Yucong Sun for your help. I have changed 
the configuration file values to the values that you recommended. I didn't 
read the documentation carefully enough.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>[https]</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>accept = 3600</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>connect = <A style="COLOR: rgb(0,0,204)"
title=https://partnerlogin.advancedmd.com/practicemanager/xmlrpc/processrequest.asp
href="https://partnerlogin.advancedmd.com/practicemanager/xmlrpc/processrequest.asp"
target=_blank>partnerlogin.advancedmd.com</A><FONT
color=#0000cc>:443</FONT></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>(stopped and started the windows service to get the new
configuration)</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>HOWEVER</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>I'm still not getting stunnel to provide the interface
to the https web server. </SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>I have a http client software which I have tried both
GET and POST calls to <A
title=blocked::https://localhost:3600/practicemanager/xmlrpc/processrequest.asp
href="blocked::https://localhost:3600/practicemanager/xmlrpc/processrequest.asp">https://localhost:3600/practicemanager/xmlrpc/processrequest.asp</A></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>Every time the interface comes back with the error
"<STRONG>The Connection to the Server was Reset while the Page was
Loading</STRONG>"</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>So I decided to try the page using a standard
web browser (Firefox and IE) thinking that my client software may have a
problem. </SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>I opened the browser and entered the address <A
title=blocked::https://localhost:3600/practicemanager/xmlrpc/processrequest.asp
href="blocked::https://localhost:3600/practicemanager/xmlrpc/processrequest.asp">https://localhost:3600/practicemanager/xmlrpc/processrequest.asp</A> Got
the same results.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>So I changed the configuration to go to the same web
site as gmail with the following configuration.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>[https]</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>accept = 3600</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>connect = mail.google.com:443</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>When I try to open the page with the browser to
address <A
title=blocked::https://localhost:3600/mail/?hl=en&shva=1#inbox
href="blocked::https://localhost:3600/mail/?hl=en&shva=1#inbox">https://localhost:3600/mail/?hl=en&shva=1#inbox</A>,
I get the same error message.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>NEXT</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>I started WIRESHARK on the network and filtered for
packets coming from/to my host computer.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>When I enter <A
title=blocked::https://localhost:3600/mail/?hl=en&shva=1#inbox
href="blocked::https://localhost:3600/mail/?hl=en&shva=1#inbox">https://localhost:3600/mail/?hl=en&shva=1#inbox</A> on
the browser. The following details were captured by
WIRESHARK.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>Source
Destination
Protocol
Length Info</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>74.125.225.53
192.168.1.70 TLSV1
107
Application Data Protocol: http</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.53
TCP
54
https [ACK] Seq=1 Ack=54 win=16181 Len=0</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>74.125.225.53
192.168.1.70
TLSV1
112
Application Data Protocol: http</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.53
TLSV1 81
Encrypted Alert</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT></SPAN></FONT></SPAN></FONT><FONT
color=#0000cc size=2 face=Arial><SPAN class=872395100-09072011><FONT
color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.53
TCP
54
60089 > https [FIN, ACK] Seq=28 Ack=112 win=16167
Len=0</SPAN></FONT></DIV></DIV></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011><FONT color=#0000cc size=2
face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.54
TCP
1484 [TCP
segment of a reassembled PDU]</SPAN></FONT></SPAN></FONT></SPAN></FONT><FONT
color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT></DIV></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011><FONT color=#0000cc size=2
face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.53 TLSv1 316
Application Data</SPAN></FONT></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT></SPAN></FONT>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>74.125.225.53
192.168.1.70
TCP
60 https >
60089 [FIN, ACK] Seq=112 Ack=29 win=196 len=0</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.53
TCP
54
60089 > https [ACK] Seq=29 Ack=113 win=16167
Len=0</SPAN></FONT></DIV></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>74.125.225.54
192.168.1.70
TCP
60 https >
60113 [ACK] Seq=1 Ack=1693 win=285 len=0</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>74.125.225.54
192.168.1.70
TLSV1 457
Application Data Protocol: http</SPAN></FONT></DIV></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011><SPAN class=872395100-09072011><FONT color=#0000cc
size=2 face=Arial><SPAN class=872395100-09072011><FONT color=#0000cc size=2
face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.54
TCP
54 60113 >
https [ACK] Seq=1693 Ack=404 win=16445
Len=0</SPAN></FONT></SPAN></FONT></SPAN></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>SO the packets are being sent and returned, but
the protocol is erroring out for GOOGLE MAIL.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>NEXT</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>When I configure the service for the other https web
server. <A
title=blocked::https://localhost:3600/practicemanager/xmlrpc/processrequest.asp
href="blocked::https://localhost:3600/practicemanager/xmlrpc/processrequest.asp">https://localhost:3600/practicemanager/xmlrpc/processrequest.asp</A></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>I get a similar exchange, but more reference to change 
cipher Spec. and http RST for different ip address</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>Source
Destination
Protocol
Length Info</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.54
TCP 66
60840 > https [SYN]</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011>74.125.225.54
192.168.1.70 TCP
66 https >
60840 [SYN, ACK]</SPAN></FONT></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.54
TCP 54
60840 > https [ACK]</SPAN></FONT></DIV></SPAN></FONT></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.54 TLSv1 451 client
Hello</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011>74.125.225.54
192.168.1.70 TCP
60 https >
60840
[ACK]</SPAN></FONT></SPAN></FONT></DIV></SPAN></FONT></DIV></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011>74.125.225.54
192.168.1.70 TLSv1 97 change
cipher Spec, Encrypted Handshake Message</SPAN></FONT></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>192.168.1.70 74.125.255.54 TLSv1 162 Application
Data</SPAN></FONT></DIV></SPAN></FONT></SPAN></FONT></DIV></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011>74.125.225.54
192.168.1.70
TCP
60 https
> 60840 [ACK]</SPAN></FONT></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011><STRONG>192.168.1.70 98.137.80.34
TCP 54 60819
> http [RST, ACK]</STRONG></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV></SPAN></FONT></SPAN></FONT></DIV></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000ff size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>STUNNEL LOG for partnerlogin.advancedmd.com:443
NO OBVIOUS ERRORS</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>2011.07.08 21:31:21 LOG7[4960:4568]: No limit detected
for the number of clients<BR>2011.07.08 21:31:21 LOG7[4960:4568]: make_sockets:
s_socket#1: FD=144 allocated (blocking mode)<BR>2011.07.08 21:31:21
LOG7[4960:4568]: make_sockets: s_socket#2: FD=148 allocated (blocking
mode)<BR>2011.07.08 21:31:21 LOG7[4960:4568]: make_sockets: s_accept: FD=152
allocated (non-blocking mode)<BR>2011.07.08 21:31:21 LOG5[4960:4568]: stunnel
4.39 on x86-pc-mingw32-gnu platform<BR>2011.07.08 21:31:21 LOG5[4960:4568]:
Compiled/running with OpenSSL 1.0.0d 8 Feb 2011<BR>2011.07.08 21:31:21
LOG5[4960:4568]: Threading:WIN32 SSL:ENGINE Auth:none
Sockets:SELECT,IPv6<BR>2011.07.08 21:31:21 LOG5[4960:4568]: Reading
configuration from file stunnel.conf<BR>2011.07.08 21:31:21 LOG7[4960:4568]:
Snagged 64 random bytes from C:/.rnd<BR>2011.07.08 21:31:22 LOG7[4960:4568]:
Wrote 1024 new random bytes to C:/.rnd<BR>2011.07.08 21:31:22 LOG7[4960:4568]:
PRNG seeded successfully<BR>2011.07.08 21:31:22 LOG7[4960:4568]: Configuration
SSL options: 0x01000000<BR>2011.07.08 21:31:22 LOG7[4960:4568]: SSL options set:
0x01000004<BR>2011.07.08 21:31:22 LOG7[4960:4568]: Certificate:
stunnel.pem<BR>2011.07.08 21:31:22 LOG7[4960:4568]: Certificate
loaded<BR>2011.07.08 21:31:22 LOG7[4960:4568]: Key file:
stunnel.pem<BR>2011.07.08 21:31:22 LOG7[4960:4568]: Private key
loaded<BR>2011.07.08 21:31:22 LOG7[4960:4568]: SSL context initialized for
service http<BR>2011.07.08 21:31:22 LOG5[4960:4568]: Configuration
successful<BR>2011.07.08 21:31:22 LOG7[4960:4568]: accept socket: FD=144
allocated (non-blocking mode)<BR>2011.07.08 21:31:22 LOG7[4960:4568]: Option
SO_REUSEADDR set on accept socket<BR>2011.07.08 21:31:22 LOG7[4960:4568]:
Service http bound to 0.0.0.0:3600<BR>2011.07.08 21:31:22 LOG7[4960:4568]:
Service http opened FD=144</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV></SPAN></FONT></SPAN></FONT></DIV></DIV></DIV></SPAN></FONT>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT><FONT color=#0000cc size=2
face=Arial><SPAN class=872395100-09072011>Do I need to have the Public Key
Certificate for the remote server installed in stunnel for it to access the 
page?</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>I'm trying to find a simple configuration to prove out
that the basic stunnel application is working. Any
suggestions?</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>Is there something basic that I'm
missing?</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>If I send a GET request, I should get a response from
the https server that CONNECT is configured for.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>Is there a compatibility issue between OpenSSL and
https web server?</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>Thanks in advance for the help.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011>Dan</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT color=#0000cc size=2 face=Arial><SPAN
class=872395100-09072011></SPAN></FONT> </DIV><BR></DIV></BODY></HTML>