<div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif">Hi,</div><div class="gmail_default" style="font-family:tahoma,sans-serif"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif">I'm using stunnel to communicate with FIX server.</div><div class="gmail_default" style="font-family:tahoma,sans-serif">In order to do that, I disabled SSLv2 and SSLv3 and set the sslVersion to TLSv1.</div><div class="gmail_default" style="font-family:tahoma,sans-serif"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif">It seems like stunnel keeps trying using SSLv3 handshake, which isn't working.</div><div class="gmail_default" style="font-family:tahoma,sans-serif"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif">This is the configuration:</div><div class="gmail_default" style><div class="gmail_default" style><font face="tahoma, sans-serif">client = yes</font></div><div class="gmail_default" style><font face="tahoma, sans-serif">debug = 7</font></div><div class="gmail_default" style><font face="tahoma, sans-serif">output=stunnel.log</font></div><div class="gmail_default" style><font face="tahoma, sans-serif">cert = stunnel.pem</font></div><div class="gmail_default" style><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default" style><font face="tahoma, sans-serif">; Some performance tunings</font></div><div class="gmail_default" style><font face="tahoma, sans-serif">socket = l:TCP_NODELAY=1</font></div><div class="gmail_default" style><font face="tahoma, sans-serif">socket = r:TCP_NODELAY=1</font></div><div class="gmail_default" style><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default" style><font face="tahoma, sans-serif">; Turning for LMAX</font></div><div class="gmail_default" style><font face="tahoma, sans-serif">options = NO_SSLv2</font></div><div class="gmail_default" style><font face="tahoma, sans-serif">options = NO_SSLv3</font></div><div class="gmail_default" style><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default" style><font face="tahoma, sans-serif"><div class="gmail_default">[LMAX-fix-tunnel-DEMO-Trading]</div><div class="gmail_default">sslVersion = TLSv1</div><div class="gmail_default">accept = 40001</div><div class="gmail_default">connect = <a href="http://fix-ate.lmaxtrader.com:443">fix-ate.lmaxtrader.com:443</a></div><div class="gmail_default"><br></div><div class="gmail_default">stunnel log:</div><div class="gmail_default"><div class="gmail_default">2015.02.04 12:10:31 LOG7[12516]: Service [LMAX-fix-tunnel-DEMO-MktData] started</div><div class="gmail_default">2015.02.04 12:10:31 LOG5[12516]: Service [LMAX-fix-tunnel-DEMO-MktData] accepted connection from <a href="http://127.0.0.1:59475">127.0.0.1:59475</a></div><div class="gmail_default">2015.02.04 12:10:31 LOG6[12516]: s_connect: connecting <a href="http://91.215.165.69:443">91.215.165.69:443</a></div><div class="gmail_default">2015.02.04 12:10:31 LOG7[12516]: s_connect: s_poll_wait <a href="http://91.215.165.69:443">91.215.165.69:443</a>: waiting 10 seconds</div><div class="gmail_default">2015.02.04 12:10:31 LOG5[12516]: s_connect: connected <a href="http://91.215.165.69:443">91.215.165.69:443</a></div><div class="gmail_default">2015.02.04 12:10:31 LOG5[12516]: Service [LMAX-fix-tunnel-DEMO-MktData] connected remote server from <a href="http://10.0.0.62:59476">10.0.0.62:59476</a></div><div class="gmail_default">2015.02.04 12:10:31 LOG7[12516]: Remote socket (FD=620) initialized</div><div class="gmail_default">2015.02.04 12:10:31 LOG6[12516]: SNI: sending servername: <a href="http://fix-md-ate.lmaxtrader.com">fix-md-ate.lmaxtrader.com</a></div><div class="gmail_default">2015.02.04 12:10:31 LOG7[12516]: SSL state (connect): before/connect initialization</div><div class="gmail_default">2015.02.04 12:10:31 LOG7[12516]: SSL state (connect): SSLv3 write client hello A</div></div><div class="gmail_default"><br></div><div class="gmail_default">Already burned around 4 hours understanding what I'm doing wrong, will be glad if you could help me.</div><div class="gmail_default"><br></div><div class="gmail_default">Thanks in advance,</div><div class="gmail_default">Or.</div></font></div></div>
</div>
<br>
<p style="font-family:arial,sans-serif;font-size:13px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);color:rgb(102,102,102);margin:0px 0px 0.0001pt;direction:ltr"><font face="arial, helvetica, sans-serif" size="1"><b>Attention:</b><b><br></b><font>This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. <br>If you have received this email in error, please notify the sender immediately by replying to this message, and delete the original message from your system without making a copy. <br>This e-mail is attributed to the sender and does not necessarily reflect the view of </font><font>Markets Pulse P.S. Ltd.</font><font> or any affiliate.</font></font></p><div style="font-family:arial,sans-serif;font-size:13px;font-style:normal;font-variant:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);color:rgb(102,102,102);font-weight:bold"><p style="margin:0px 0px 0.0001pt;direction:ltr;font-weight:normal"><font face="arial, helvetica, sans-serif" size="1"> </font></p><p style="margin:0px 0px 0.0001pt;direction:ltr;font-weight:normal"><font face="arial, helvetica, sans-serif" size="1">Please consider the environment before printing this email.</font></p></div>