<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Try verify = 4 and see if that works for you.<br>
<br>
From the manual:<br>
<br>
level 4 Ignore CA chain and only verify peer certificate.<br>
<br>
Regards,<br>
<br>
Thomas<br>
<br>
<br>
On 5/8/2012 5:35 PM, Van Brown wrote:
<blockquote
cite="mid:1336516558.43858.YahooMailNeo@web160306.mail.bf1.yahoo.com"
type="cite">
<div style="color:#000; background-color:#fff; font-family:times
new roman, new york, times, serif;font-size:12pt">
<div>I am trying to use stunnel to act as a forwarder to GMail.</div>
<div><br>
</div>
<div>My config file looks like:</div>
client = yes<br>
<br>
socket = l:TCP_NODELAY=1<br>
socket = r:TCP_NODELAY=1<br>
<br>
[gmail]<br>
accept = 25<br>
connect = smtp.gmail.com:465<br>
;CAfile = peer-gmail.pem<br>
;verify = 3<br>
<br>
I saved the peer certificate and when I attempt to send mail,
the log looks like this:<br>
<br>
2012.05.08 16:01:35 LOG5[31036:19408]: Service [gmail] connected
remote server from 192.168.1.9:42580<br>
2012.05.08 16:01:35 LOG4[31036:19408]: CERT: Verification error:
unable to get local issuer certificate<br>
2012.05.08 16:01:35 LOG4[31036:19408]: Certificate check failed:
depth=1, /C=US/O=Google Inc/CN=Google Internet Authority<br>
2012.05.08 16:01:35 LOG3[31036:19408]: SSL_connect: 14090086:
error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed<br>
2012.05.08 16:01:35 LOG5[31036:19408]: Connection reset: 0
byte(s) sent to SSL, 0 byte(s) sent to socket<br>
2012.05.08 16:02:35 LOG5[31036:34312]: Service [gmail] accepted
connection from 192.168.1.10:49303<br>
2012.05.08 16:02:35 LOG5[31036:34312]: connect_blocking:
connected 173.194.79.108:465<br>
2012.05.08 16:02:35 LOG5[31036:34312]: Service [gmail] connected
remote server from 192.168.1.9:42619<br>
2012.05.08 16:02:36 LOG4[31036:34312]: CERT: Verification error:
unable to get local issuer certificate<br>
2012.05.08 16:02:36 LOG4[31036:34312]: Certificate check failed:
depth=1, /C=US/O=Google Inc/CN=Google Internet Authority<br>
2012.05.08 16:02:36 LOG3[31036:34312]: SSL_connect: 14090086:
error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed<br>
2012.05.08 16:02:36 LOG5[31036:34312]: Connection reset: 0
byte(s) sent to SSL, 0 byte(s) sent to socket<br>
<br>
Please tell me what I'm doing wrong so I can fix it.<br>
<br>
Van Brown<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
stunnel-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:stunnel-users@stunnel.org">stunnel-users@stunnel.org</a>
<a class="moz-txt-link-freetext" href="http://stunnel.mirt.net/mailman/listinfo/stunnel-users">http://stunnel.mirt.net/mailman/listinfo/stunnel-users</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Attention: This message and all attachments are private and may contain information that is confidential and privileged. If you received this message in error, please notify the sender by reply email and delete the message immediately.</pre>
</body>
</html>