<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Cambria;
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:"Brush Script MT";
panose-1:3 6 8 2 4 4 6 7 3 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Cambria",serif;
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link="#0563C1" vlink="#954F72"><div class=WordSection1><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>I am using stunnel as a proxy to support SoapUI mock services which are used to test an SSL based application. The SoapUI and stunnel proxy are running on an AWS Ubuntu 14.04 EC2 Instance communicating to a Tomcat server running on a second AWS Ubuntu 14.04 EC2 Instance. The target application uses a wildcard SSL Certificate and works successfully when accessed using a desktop browser (Chrome or Firefox).<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>The issue I am encountering is that the stunnel connection logs a “SSL closed on SSL_read” message as soon as the cipher suite is negotiated as shown in the following stunnel.log:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Clients allowed=2000<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG5[5287:140430154716992]: stunnel 4.53 on x86_64-pc-linux-gnu platform<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG5[5287:140430154716992]: Compiled with OpenSSL 1.0.1e 11 Feb 2013<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG5[5287:140430154716992]: Running with OpenSSL 1.0.1f 6 Jan 2014<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG5[5287:140430154716992]: Update OpenSSL shared libraries or rebuild stunnel<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG5[5287:140430154716992]: Threading:PTHREAD SSL:+ENGINE+OCSP Auth:LIBWRAP Sockets:POLL+IPv6<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG5[5287:140430154716992]: Reading configuration from file /etc/stunnel/stunnel.conf<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Compression not enabled<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Snagged 64 random bytes from /home/ubuntu/.rnd<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Wrote 1024 new random bytes to /home/ubuntu/.rnd<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: PRNG seeded successfully<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG6[5287:140430154716992]: Initializing service section [resourceServer]<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG4[5287:140430154716992]: Insecure file permissions on /etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Certificate: /etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Certificate loaded<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Key file: /etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Private key loaded<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Verify directory set to /etc/ssl/certs<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Added /etc/ssl/certs revocation lookup directory<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: SSL options set: 0x00000004<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG6[5287:140430154716992]: Initializing service section [tpserver]<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG4[5287:140430154716992]: Insecure file permissions on /etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Certificate: /etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Certificate loaded<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Key file: /etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Private key loaded<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Verify directory set to /etc/ssl/certs<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Added /etc/ssl/certs revocation lookup directory<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Could not load DH parameters from /etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Using hardcoded DH parameters<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: DH initialized with 2048-bit key<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: ECDH initialized with curve prime256v1<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: SSL options set: 0x00000004<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG5[5287:140430154716992]: Configuration successful<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Service [resourceServer] (FD=12) bound to 127.0.0.1:8080<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5287:140430154716992]: Service [tpserver] (FD=13) bound to 127.0.0.1:8444<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:19 LOG7[5293:140430154716992]: Created pid file /var/run/stunnel4.pid<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154716992]: Service [resourceServer] accepted (FD=3) from 127.0.0.1:41256<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Service [resourceServer] started<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Waiting for a libwrap process<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Acquired libwrap process #0<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Releasing libwrap process #0<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Released libwrap process #0<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Service [resourceServer] permitted by libwrap from 127.0.0.1:41256<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG5[5293:140430154827520]: Service [resourceServer] accepted connection from 127.0.0.1:41256<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG6[5293:140430154827520]: connect_blocking: connecting 52.43.245.161:8443<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: connect_blocking: s_poll_wait 52.43.245.161:8443: waiting 10 seconds<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG5[5293:140430154827520]: connect_blocking: connected 52.43.245.161:8443<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG5[5293:140430154827520]: Service [resourceServer] connected remote server from 172.31.44.97:34077<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Remote socket (FD=15) initialized<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: SNI: host name: 52.43.245.161<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Starting certificate verification: depth=2, /C=US/O=GeoTrust Inc./CN=GeoTrust Global CA<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG6[5293:140430154827520]: CERT: Verification not enabled<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG5[5293:140430154827520]: Certificate accepted: depth=2, /C=US/O=GeoTrust Inc./CN=GeoTrust Global CA<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Starting certificate verification: depth=1, /C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG6[5293:140430154827520]: CERT: Verification not enabled<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG5[5293:140430154827520]: Certificate accepted: depth=1, /C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG7[5293:140430154827520]: Starting certificate verification: depth=0, /CN=*.greenbuttonalliance.org<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG6[5293:140430154827520]: CERT: Verification not enabled<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG5[5293:140430154827520]: Certificate accepted: depth=0, /CN=*.greenbuttonalliance.org<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG6[5293:140430154827520]: SSL connected: new session negotiated<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG6[5293:140430154827520]: Negotiated TLSv1/SSLv3 ciphersuite: AES128-SHA (128-bit encryption)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:25 LOG6[5293:140430154827520]: Compression: null, expansion: null<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:45 LOG7[5293:140430154827520]: SSL closed on SSL_read<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:45 LOG7[5293:140430154827520]: Sent socket write shutdown<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:56 LOG7[5293:140430154827520]: Socket closed on read<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:56 LOG7[5293:140430154827520]: Sending close_notify alert<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:56 LOG6[5293:140430154827520]: SSL_shutdown successfully sent close_notify alert<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:56 LOG5[5293:140430154827520]: Connection closed: 342 byte(s) sent to SSL, 250 byte(s) sent to socket<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:56 LOG7[5293:140430154827520]: Remote socket (FD=15) closed<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:56 LOG7[5293:140430154827520]: Local socket (FD=3) closed<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>2016.11.14 21:34:56 LOG7[5293:140430154827520]: Service [resourceServer] finished (0 left)<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>The stunnel.conf file contains the following configuration:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; **************************************************************************<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; * Service defaults may also be specified in individual service sections *<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; **************************************************************************<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>CApath = /etc/ssl/certs<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; **************************************************************************<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; * Logging *<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; **************************************************************************<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>debug = 7<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>output = /home/ubuntu/Git/energyos/OpenESPI-GreenButtonCMDTest/SOAPUI/stunnel.log<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; **************************************************************************<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; * Service definitions (at least one service has to be defined) *<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; **************************************************************************<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; **************************************************************************<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; * Resource Server *<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>; **************************************************************************<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>[resourceServer]<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>accept=localhost:8080<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>connect=52.43.245.161:8443<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>ciphers=AES128-SHA<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>client = yes<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>cert=/etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>verify=0<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>[tpserver]<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>accept=127.0.0.1:8444<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>connect=localhost:8081<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>cert=/etc/stunnel/stunnel.pem<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>verify=0<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>client=no<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>ciphers=AES128-SHA<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'>Are there any additional stunnel logging options or debugging techniques you can recommend to help determine why the session is being closed? Does stunnel support wildcard based certificates (i.e. *.greenbuttonalliance.org)?<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Cambria",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'>Best regards,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:24.0pt;font-family:"Brush Script MT"'>Don<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'>Donald F. Coffin<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'>Technical Manager<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'>Green Button Alliance<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'>2335 Dunwoody Crossing Suite E<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'>Dunwoody, GA 30338-8221<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'><a href="http://www.greenbuttonalliance.org/">http://www.greenbuttonalliance.org</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-size:12.0pt'>(949) 636-8571 Mobile<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>