<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Dheeraj,</p>
Without some more information, it is difficult to answer your
question.<br>
<br>
With stunnel in client mode, an application sends un-encrypted data
to a port and stunnel encrypts the data and sends it out a second
port, e.g.:<br>
<br>
[application]<br>
accept = 127.0.0.1:12345<br>
connect = remote:23456<br>
client =yes<br>
<br>
If your application is configured to run using port 8228, then you
could have<br>
<br>
[application]<br>
accept = 127.0.0.1:8228<br>
connect = 69.191.198.34:8228<br>
client = yes<br>
... (your other parameters go here)<br>
<br>
The information you need for the stunnel.conf file are:<br>
1) The host address and port that you are writing to in your
program (can be a local address or any other valid ip address)<br>
2) The remote address and port that you are connecting to (must
be different from (1).<br>
<br>
The connection is only active for as long as your program is running
(be it telnet or any other application).<br>
<br>
I hope that helps.<br>
<br>
Carter Browne<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 6/13/2017 1:21 PM, Dheeraj Gautam
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:052001d2e469$7f2c62c0$7d852840$@arborfs.com">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"Times New Roman \, serif";
panose-1:0 0 0 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle20
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Hi
Browne,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">I
am not understand like what config I have to do in stunnel
config file.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">As
per application it will trigger 8228 port of remote server,
but at the momen stunnel is working only when I am trying to
telnet localhost on 9233 port.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Nothing
is happening when running the application, don’t know what I
am missing as I am the new for stunnel.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Please
help to fix this out.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Dheeraj
Gautam<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">
stunnel-users [<a class="moz-txt-link-freetext" href="mailto:stunnel-users-bounces@stunnel.org">mailto:stunnel-users-bounces@stunnel.org</a>]
<b>On Behalf Of </b>Carter Browne<br>
<b>Sent:</b> Tuesday, June 13, 2017 10:41 PM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:stunnel-users@stunnel.org">stunnel-users@stunnel.org</a><br>
<b>Subject:</b> Re: [stunnel-users] Stunnel Connectivity
Issue<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p>Dheeraj,<o:p></o:p></p>
<p>stunnel will keep the connection open for as long as your
applications keeps it open. When you exit telnet, it closes
the connection. I use stunnel mostly for RDP, VNC and telnet
and as long the application is active, the port is open. You
need to have your application open the local port you want to
route via stunnel (in your example 127.0.0.1:9233). As long
as your application keeps the connection open (ignoring such
issues as communications failures), stunnel will maintain the
application. Telnet is a great tool for determining
connectivity, but your application is going to have to handle
the connection going forward.<o:p></o:p></p>
<p>Carter Browne<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On 6/13/2017 12:01 PM, Dheeraj Gautam
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Hi
Liz,</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Thanks
for your reply.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Actually
we need to run a service which will work only once stunnel
connection establish and the service will work till the
time connection connected.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">But
at the moment I don’t have idea like how the stunnel will
remain connected.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Could
you please suggest me to fix this so that stunnel
connection remain connected and I can run the application.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Waiting
for your valuable response.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Regards,</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Dheeraj
Gautam</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Liz
Turi [<a href="mailto:lturi@maehc.org"
moz-do-not-send="true">mailto:lturi@maehc.org</a>] <br>
<b>Sent:</b> Tuesday, June 13, 2017 9:19 PM<br>
<b>To:</b> Dheeraj Gautam <a
href="mailto:dheeraj.gautam@arborfs.com"
moz-do-not-send="true"><dheeraj.gautam@arborfs.com></a>;
Małgorzata Olszówka <a
href="mailto:Malgorzata.Olszowka@stunnel.org"
moz-do-not-send="true"><Malgorzata.Olszowka@stunnel.org></a><br>
<b>Cc:</b> <a href="mailto:stunnel-users@stunnel.org"
moz-do-not-send="true">stunnel-users@stunnel.org</a><br>
<b>Subject:</b> RE: [stunnel-users] Stunnel
Connectivity Issue</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"><a name="_MailEndCompose"
moz-do-not-send="true"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Hi,
Dheeraj,</span><o:p></o:p></a></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Are
you testing the connection with Telnet? Or are you
testing with the application. What I noticed in testing
the connection is that once the command is completed,
the connection is closed.</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">However,
when I test from my application, its only closed once
all transactions in that session are completed, and will
show how much data was passed on (following from my logs
at the end of a non-telnet test session.</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">2017.06.13
10:16:08 LOG6[1]: Negotiated TLSv1.2 ciphersuite
AES256-GCM-SHA384 (256-bit encryption)</span></b><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">2017.06.13
10:16:18 LOG6[1]: Read socket closed (readsocket)</span></b><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">2017.06.13
10:16:18 LOG6[1]: SSL_shutdown successfully sent
close_notify alert</span></b><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">2017.06.13
10:16:18 LOG6[1]: TLS closed (SSL_read)</span></b><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">2017.06.13
10:16:18 LOG5[1]: Connection closed: 2791 byte(s) sent
to TLS, 1641 byte(s) sent to socket</span></b><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Liz
Turi</span></b><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Sr.
Consultant</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Massachusetts
</span></span><span style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:red">e</span></span><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">Health
Collaborative</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">860
Winter Street, Waltham, MA 02451</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">(m)
339-222-6614 (o) 781-907-7204 (f) 781-207-8589</span><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"></span><a
href="http://www.maehc.org" moz-do-not-send="true"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">www.maehc.org</span></span><span
style="mso-bookmark:_MailEndCompose"></span></a><span
style="mso-bookmark:_MailEndCompose"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"></span><a
href="https://www.facebook.com/massachusettsehealthcollab?fref=nf"
moz-do-not-send="true"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;text-decoration:none"><img
style="width:.25in;height:.25in"
id="Picture_x0020_1"
src="cid:part7.EB2A9449.1A41CE29@comcast.net"
alt="fb_icon" class="" height="24" width="24"
border="0"></span></span><span
style="mso-bookmark:_MailEndCompose"></span></a><span
style="mso-bookmark:_MailEndCompose"></span><a
href="https://www.linkedin.com/company/massachusetts-ehealth-collaborative?trk=tyah&trkInfo=clickedVertical%3Acompany%2Cidx%3A1-1-1%2CtarId%3A1432746657126%2Ctas%3AMassachusetts+eHEalth"
moz-do-not-send="true"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;text-decoration:none"><img
style="width:.25in;height:.25in"
id="Picture_x0020_2"
src="cid:part9.19DDFE87.033C7D12@comcast.net"
alt="li_icon" class="" height="24" width="24"
border="0"></span></span><span
style="mso-bookmark:_MailEndCompose"></span></a><span
style="mso-bookmark:_MailEndCompose"></span><a
href="https://twitter.com/MAeHC_org"
moz-do-not-send="true"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;text-decoration:none"><img
style="width:.25in;height:.25in"
id="Picture_x0020_3"
src="cid:part11.883F83AE.29A3424E@comcast.net"
alt="tw_icon" class="" height="24" width="24"
border="0"></span></span><span
style="mso-bookmark:_MailEndCompose"></span></a><span
style="mso-bookmark:_MailEndCompose"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="mso-bookmark:_MailEndCompose"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif"> </span><o:p></o:p></span></p>
<span style="mso-bookmark:_MailEndCompose"></span>
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">
stunnel-users [<a
href="mailto:stunnel-users-bounces@stunnel.org"
moz-do-not-send="true">mailto:stunnel-users-bounces@stunnel.org</a>]
<b>On Behalf Of </b>Dheeraj Gautam<br>
<b>Sent:</b> Tuesday, June 13, 2017 11:41 AM<br>
<b>To:</b> Małgorzata Olszówka <<a
href="mailto:Malgorzata.Olszowka@stunnel.org"
moz-do-not-send="true">Malgorzata.Olszowka@stunnel.org</a>><br>
<b>Cc:</b> <a href="mailto:stunnel-users@stunnel.org"
moz-do-not-send="true">stunnel-users@stunnel.org</a><br>
<b>Subject:</b> Re: [stunnel-users] Stunnel Connectivity
Issue</span><o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal">HI Guys,<o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">below is the config which i have
configured with TLSv1.2, but still connection
establishing only for while when i telnet telnet
127.0.0.1 9233. and just after connection closed.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal">[TCP]<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">client=yes<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">cert = BBG_cert.pem<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">key = BBG_key.pem<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">verifyChain = yes<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">CAfile = BBG_CACerts.pem<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">connect = <a
href="http://69.191.198.34:8228"
moz-do-not-send="true">69.191.198.34:8228</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">accept = <a
href="http://127.0.0.1:9233" moz-do-not-send="true">127.0.0.1:9233</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">sslVersion = TLSv1.2<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">below the logs:<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal">2017.06.13 11:57:49 LOG5[main]:
Reading configuration from file stunnel.conf<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 11:57:49 LOG5[main]:
UTF-8 byte order mark detected<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 11:57:49 LOG5[main]:
FIPS mode disabled<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 11:57:49 LOG3[main]:
Service [TCP]: Each service must define two endpoints<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 11:57:49 LOG3[main]:
Failed to reload the configuration file<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:37:16 LOG5[main]:
Reading configuration from file stunnel.conf<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:37:16 LOG5[main]:
UTF-8 byte order mark detected<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:37:16 LOG5[main]:
FIPS mode disabled<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:37:16 LOG4[main]:
Service [TCP] uses "verifyChain" without subject
checks<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:37:16 LOG4[main]: Use
"checkHost" or "checkIP" to restrict trusted
certificates<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:37:16 LOG5[main]:
Configuration successful<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:38:38 LOG5[11]:
Service [TCP] accepted connection from <a
href="http://127.0.0.1:62736" moz-do-not-send="true">127.0.0.1:62736</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:38:38 LOG5[11]:
s_connect: connected <a
href="http://69.191.198.34:8228"
moz-do-not-send="true">69.191.198.34:8228</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:38:38 LOG5[11]:
Service [TCP] connected remote server from <a
href="http://172.16.1.23:62737"
moz-do-not-send="true">172.16.1.23:62737</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:38:39 LOG5[11]:
Certificate accepted at depth=0: C=US, ST=NEW YORK,
L=NEW YORK, O=Bloomberg LP, OU=FIXBETA, CN=<a
href="http://fixbeta.bloomberg.com"
moz-do-not-send="true">fixbeta.bloomberg.com</a>,
emailAddress=<a href="mailto:caadmin@bloomberg.com"
moz-do-not-send="true">caadmin@bloomberg.com</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2017.06.13 16:39:10 LOG5[11]:
Connection closed: 0 byte(s) sent to TLS, 0 byte(s)
sent to socket<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">i want connection remained connected
every time so that i can run the application.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">application can be work only if the
connection remain connected.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">please help me to sort this out.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Regards,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Dheeraj Gautam<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal">On 25 May 2017 at 12:29, Małgorzata
Olszówka <<a
href="mailto:Malgorzata.Olszowka@stunnel.org"
target="_blank" moz-do-not-send="true">Malgorzata.Olszowka@stunnel.org</a>>
wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC
1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<blockquote style="border:none;border-left:solid #CCCCCC
1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<p class="MsoNormal">Could you please let us know what
parameters we are missing here due to which
connection is not establishing with remote server.<br>
<br>
Although, stunnel logs indicating that configuration
successful, but in logs no where is mentioned about
the connection is it connected or not, <o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><br>
<br>
Hello Dheeraj,<br>
<br>
You should set the verifyChain option in order to
verify the certificate stored in the file specified
with CAfile:<br>
verifyChain = yes<br>
<br>
Then you can test your connection:<br>
telnet 127.0.0.1 9233<br>
the stunnel logs will show information about the
connection attempt.<br>
<br>
Regards,<br>
Małgorzata<br>
_______________________________________________<br>
stunnel-users mailing list<br>
<a href="mailto:stunnel-users@stunnel.org"
target="_blank" moz-do-not-send="true">stunnel-users@stunnel.org</a><br>
<a
href="https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users"
target="_blank" moz-do-not-send="true">https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users</a><o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p><span style="font-size:7.5pt"><a
href="http://www.arborfs.com" target="_blank"
moz-do-not-send="true">www.arborfs.com</a></span><o:p></o:p></p>
<p><span
style="font-size:7.5pt;font-family:"Arial",sans-serif;color:gray">This
e-mail and any attachment are confidential and contain
proprietary information, some or all of which may be
legally privileged.</span><o:p></o:p></p>
<p><span
style="font-size:7.5pt;font-family:"Arial",sans-serif;color:gray">It
is intended solely for the use of the individual or entity
to which it is addressed. If you are not the intended
recipient, please notify the author immediately by
telephone or by replying to this e-mail, and then delete
all copies of the e-mail on your system. If you are not
the intended recipient, you must not use, disclose,
distribute, copy, print or rely on this e-mail.</span><o:p></o:p></p>
<p><span
style="font-size:7.5pt;font-family:"Arial",sans-serif;color:gray">Whilst
we have taken reasonable precautions to ensure that this
e-mail and any attachment has been checked for viruses, we
cannot guarantee that they are virus free and we cannot
accept liability for any damage sustained as a result of
software viruses. We would advise that you carry out your
own virus checks, especially before opening an attachment.</span><o:p></o:p></p>
<p><br>
CONFIDENTIALITY NOTICE<br>
The information contained in this email transmission is
legally privileged and confidential information intended
only for the use of the addressee named above. If the reader
of this message is not the intended recipient you are hereby
notified that any dissemination, distribution or copying of
this email transmission is strictly prohibited. If you have
received this email transmission in error, please notify us
immediately. Thank you.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p><span style="font-size:7.5pt;font-family:"Times New
Roman , serif",serif"><a
href="http://www.arborfs.com" target="_blank"
moz-do-not-send="true">www.arborfs.com</a></span><o:p></o:p></p>
<p><span
style="font-size:7.5pt;font-family:"Arial",sans-serif;color:gray">This
e-mail and any attachment are confidential and contain
proprietary information, some or all of which may be
legally privileged.</span><o:p></o:p></p>
<p><span
style="font-size:7.5pt;font-family:"Arial",sans-serif;color:gray">It
is intended solely for the use of the individual or entity
to which it is addressed. If you are not the intended
recipient, please notify the author immediately by
telephone or by replying to this e-mail, and then delete
all copies of the e-mail on your system. If you are not
the intended recipient, you must not use, disclose,
distribute, copy, print or rely on this e-mail.</span><o:p></o:p></p>
<p><span
style="font-size:7.5pt;font-family:"Arial",sans-serif;color:gray">Whilst
we have taken reasonable precautions to ensure that this
e-mail and any attachment has been checked for viruses, we
cannot guarantee that they are virus free and we cannot
accept liability for any damage sustained as a result of
software viruses. We would advise that you carry out your
own virus checks, especially before opening an attachment.</span><o:p></o:p></p>
<p class="MsoNormal"><br>
<br>
<br>
<o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>stunnel-users mailing list<o:p></o:p></pre>
<pre><a href="mailto:stunnel-users@stunnel.org" moz-do-not-send="true">stunnel-users@stunnel.org</a><o:p></o:p></pre>
<pre><a href="https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users" moz-do-not-send="true">https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<br>
<p><font size="1"><span
style="font-family:"Arial","sans-serif""><span
style="font-family:"Times New
Roman","serif""><a
href="http://www.arborfs.com" target="_blank"
moz-do-not-send="true">www.arborfs.com</a></span></span><span
style="font-family:"Arial","sans-serif";color:gray"><br>
</span></font></p>
<p><font size="1"><span
style="font-family:"Arial","sans-serif";color:gray">This
e-mail and any attachment are
confidential and contain proprietary information, some or
all of which may be
legally privileged.</span></font></p>
<p><font size="1"><span
style="font-family:"Arial","sans-serif";color:gray">It
is intended solely for the use of the
individual or entity to which it is addressed. If you are
not the
intended recipient, please notify the author immediately by
telephone or by
replying to this e-mail, and then delete all copies of the
e-mail on your
system. If you are not the intended recipient, you must not
use,
disclose, distribute, copy, print or rely on this e-mail.</span></font></p>
<p><font size="1"><span
style="font-family:"Arial","sans-serif";color:gray">Whilst
we have taken reasonable
precautions to ensure that this e-mail and any attachment
has been checked for
viruses, we cannot guarantee that they are virus free and we
cannot accept
liability for any damage sustained as a result of software
viruses. We
would advise that you carry out your own virus checks,
especially before
opening an attachment.</span></font><span></span></p>
</blockquote>
<br>
</body>
</html>