<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Title" content="">
<meta name="Keywords" content="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Century Gothic";
panose-1:2 11 5 2 2 2 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Century Gothic",serif;
color:#2F5496;
font-weight:normal;
font-style:normal;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Century Gothic",serif;
color:#7030A0;
font-weight:normal;
font-style:normal;}
span.msoIns
{mso-style-type:export-only;
mso-style-name:"";
text-decoration:underline;
color:teal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body bgcolor="white" lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#7030A0">I added “sslVersion = TLSv1.2” to my stunnel.conf file, and this time my telnet attempt returned:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#7030A0"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt;font-family:"Courier",serif;color:black">220 email-smtp.amazonaws.com ESMTP SimpleEmailService-2370111491 vrvCuSNrkl4H4hgb19Wk<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#7030A0"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#7030A0">I think that’s what I wanted to see. Thanks so much for your help!<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#7030A0"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><b><span style="font-family:"Century Gothic",serif;color:#00B0F0">Rob Allen,
</span></b><span style="font-family:"Century Gothic",serif;color:#00B0F0">CPO<b><o:p></o:p></b></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black">Software Engineer </span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:#00B0F0">|</span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black">
Eyefinity </span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:#00B0F0">|</span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black"> Team OCP </span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:#00B0F0">|</span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black"> 3333
Quality Drive, Rancho Cordova, CA 95670<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black">eyefinity.com </span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:#00B0F0">|</span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black"> P:
916.858.5645 <o:p></o:p></span></p>
</div>
<p class="MsoNormal"><i><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black">What does it mean to move Forward Together? <a href="https://www.youtube.com/watch?v=Nj2MzSZDKF0">Watch Eyefinity EHR Senior Product Manager Phernell Walker
II, ABOM explain.</a></span></i><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#7030A0"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#7030A0"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:black">From: </span></b><span style="color:black">"Josealf.rm" <josealf@rocketmail.com><br>
<b>Date: </b>Friday, September 15, 2017 at 1:06 PM<br>
<b>To: </b>"robert.allen@eyefinity.com" <robert.allen@eyefinity.com><br>
<b>Cc: </b>"stunnel-users@stunnel.org" <stunnel-users@stunnel.org><br>
<b>Subject: </b>Re: [stunnel-users] Help with connectivity issue<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal">Robert,<o:p></o:p></p>
</div>
<div id="AppleMailSignature">
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div id="AppleMailSignature">
<p class="MsoNormal">Most likely amazon is not accepting TLSv1. It is a deprecated protocol. Remove sslVersion lines. <o:p></o:p></p>
</div>
<div id="AppleMailSignature">
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div id="AppleMailSignature">
<p class="MsoNormal">Check the OpenSSL output from your connection test. It should display the TLS version used.<br>
<br>
Saludos <o:p></o:p></p>
<div>
<p class="MsoNormal">Jose A. Diaz<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
On Sep 15, 2017, at 2:05 PM, Rob Allen <<a href="mailto:robert.allen@eyefinity.com">robert.allen@eyefinity.com</a>> wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">I’ve installed stunnel on an Amazon EC2 instance:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">stunnel 4.56 on x86_64-redhat-linux-gnu platform</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">Compiled/running with OpenSSL 1.0.1e-fips 11 Feb 2013</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">Threading:PTHREAD Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">Global options:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">debug = daemon.notice</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">pid = /var/run/stunnel.pid</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">RNDbytes = 64</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">RNDfile = /dev/urandom</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">RNDoverwrite = yes</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">Service-level options:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">ciphers = FIPS (with "fips = yes")</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">ciphers = ALL:!SSLv2:!aNULL:!EXP:!LOW:-MEDIUM:RC4:+HIGH (with "fips = no")</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">curve = prime256v1</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">sessionCacheSize = 1000</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">sessionCacheTimeout = 300 seconds</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">sslVersion = TLSv1 (with "fips = yes")</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">sslVersion = TLSv1 for client, all for server (with "fips = no")</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">stack = 65536 bytes</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">TIMEOUTbusy = 300 seconds</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">TIMEOUTclose = 60 seconds</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">TIMEOUTconnect = 10 seconds</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">TIMEOUTidle = 43200 seconds</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">verify = none</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">I’ve created the stunnel.conf file:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">[smtp-tls-wrapper]</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">accept = 2525</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">client = yes</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">connect =
<a href="https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Femail-smtp.us-west-2.amazonaws.com%3A465&data=02%7C01%7Crobert.allen%40eyefinity.com%7Ce66f069e412a40f675a708d4fc75318d%7C3510753d6c4048ae9b9e2fc672d5e5dd%7C0%7C0%7C636411027658759126&sdata=%2BfS8Op4y7CLnSzoXnbOE87d6Kf5ApPh3ECQz%2Bw8%2FdDg%3D&reserved=0">
email-smtp.us-west-2.amazonaws.com:465</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">protocol=smtp</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">delay = yes</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">I’ve tested the connection to SES (successfully) via openssl:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">[ec2-user@ip-172-31-4-68 ~]$ openssl s_client -quiet -crlf -connect
<a href="https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Femail-smtp.us-west-2.amazonaws.com%3A465&data=02%7C01%7Crobert.allen%40eyefinity.com%7Ce66f069e412a40f675a708d4fc75318d%7C3510753d6c4048ae9b9e2fc672d5e5dd%7C0%7C0%7C636411027658759126&sdata=%2BfS8Op4y7CLnSzoXnbOE87d6Kf5ApPh3ECQz%2Bw8%2FdDg%3D&reserved=0">
email-smtp.us-west-2.amazonaws.com:465</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification
Authority - G5</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">verify return:1</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">depth=1 C = US, O = Symantec Corporation, OU = Symantec Trust Network, CN = Symantec Class 3 Secure Server CA - G4</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">verify return:1</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">depth=0 C = US, ST = Washington, L = Seattle, O = "<a href="https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2FAmazon.com&data=02%7C01%7Crobert.allen%40eyefinity.com%7Ce66f069e412a40f675a708d4fc75318d%7C3510753d6c4048ae9b9e2fc672d5e5dd%7C0%7C0%7C636411027658759126&sdata=SPg%2BeVhM4yAHLAPKSdCzgnnHoC51pmAaE1vQLq5RDfY%3D&reserved=0">Amazon.com</a>,
Inc.", CN = <a href="https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Femail-smtp.us-west-2.amazonaws.com&data=02%7C01%7Crobert.allen%40eyefinity.com%7Ce66f069e412a40f675a708d4fc75318d%7C3510753d6c4048ae9b9e2fc672d5e5dd%7C0%7C0%7C636411027658759126&sdata=4vOpXE%2FdfjrzF7jAJsntndPu433EpFh%2FcQ0mJM%2FJjzE%3D&reserved=0">
email-smtp.us-west-2.amazonaws.com</a></span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">verify return:1</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">220
<a href="https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Femail-smtp.amazonaws.com&data=02%7C01%7Crobert.allen%40eyefinity.com%7Ce66f069e412a40f675a708d4fc75318d%7C3510753d6c4048ae9b9e2fc672d5e5dd%7C0%7C0%7C636411027658759126&sdata=BzqvMygpf9MVsmanrmhXorCK7xeONRU6%2FjrkJTM6pB8%3D&reserved=0">
email-smtp.amazonaws.com</a> ESMTP SimpleEmailService-2370111491 wa7VtNk9b7c4TX0jNpdG</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">But when I try to access through stunnel via localhost with telnet, I get this:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">[ec2-user@ip-172-31-4-68 ~]$ telnet localhost 2525</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">Trying ::1...</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">telnet: connect to address ::1: Connection refused</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">Trying 127.0.0.1...</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">Connected to localhost.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">Escape character is '^]'.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496">Connection closed by foreign host.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Courier",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">I’ve tried everything I can think of; I’ve read all the blogs and pages related to connecting from ec2 to SES via stunnel and I just can’t get it to work.
Does anyone have any suggestions for other things I could try?</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Century Gothic",serif;color:#2F5496">Thanks in advance,</span><o:p></o:p></p>
<p class="MsoNormal"><b><span style="font-family:"Century Gothic",serif;color:#00B0F0">Rob Allen,
</span></b><span style="font-family:"Century Gothic",serif;color:#00B0F0">CPO</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black">Software Engineer </span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:#00B0F0">|</span><span style="font-size:10.0pt;font-family:"Century Gothic",serif;color:black">
Eyefinity</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">NOTICE: This message is intended only for the individual to whom it is addressed and may contain information that is confidential or privileged. If you are not the intended recipient, or the employee or person
responsible for delivering it to the intended recipient, you are hereby notified that any dissemination, distribution, copying or use is strictly prohibited. If you have received this communication in error, please notify the sender and destroy or delete this
communication immediately. <o:p></o:p></span></p>
</div>
</blockquote>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal"><span style="font-size:11.0pt">_______________________________________________<br>
stunnel-users mailing list<br>
<a href="mailto:stunnel-users@stunnel.org">stunnel-users@stunnel.org</a><br>
<a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.stunnel.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Fstunnel-users&data=02%7C01%7Crobert.allen%40eyefinity.com%7Ce66f069e412a40f675a708d4fc75318d%7C3510753d6c4048ae9b9e2fc672d5e5dd%7C0%7C0%7C636411027658759126&sdata=LrMGRFpXuLN9IsaX6%2Fvd20SVYB%2FeNTB1ml1hKGK2cT0%3D&reserved=0">https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users</a><o:p></o:p></span></p>
</div>
</blockquote>
</div>
<P>MailGate made the following annotations<br/>---------------------------------------------------------------------<br/>NOTICE: This message is intended only for the individual to whom it is addressed and may contain information that is confidential or privileged. If you are not the intended recipient, or the employee or person responsible for delivering it to the intended recipient, you are hereby notified that any dissemination, distribution, copying or use is strictly prohibited. If you have received this communication in error, please notify the sender and destroy or delete this communication immediately.<br/>---------------------------------------------------------------------<br/>
</P></body>
</html>