stunnel-users February 2014

stunnel-users@stunnel.org

9 participants
12 discussions

Re: [stunnel-users] cross compiling stunnel-4.21 for ARM
by josealf＠rocketmail.com 03 Feb '14

03 Feb '14

Krinali, Looks like firefox can't connect to port 443 on your target IP. Are you sure there is no firewall enabled on your board? Regards, Jose -----Original Message----- From: Krinali Shah - PES <krinali.shah(a)einfochips.com> Date: Mon, 3 Feb 2014 16:47:39 To: <josealf(a)rocketmail.com> Subject: Re: [stunnel-users] cross compiling stunnel-4.21 for ARM Hi Jose, Thank you so much for your suggestion. Firefox is giving an error like "Problem Loading Page". (Plase find attached snapshot for your reference). Note - I have made sure that there are no proxy settings on firefox. Thanks, Krinali Shah ----- Original Message ----- From: josealf(a)rocketmail.com To: "Krinali Shah - PES" <krinali.shah(a)einfochips.com>, "stunnel-users" <stunnel-users-bounces(a)stunnel.org>, stunnel-users(a)stunnel.org Sent: Monday, February 3, 2014 4:21:49 PM Subject: Re: [stunnel-users] cross compiling stunnel-4.21 for ARM Krimnali, 1. Exactly which error is giving Firefox? It will give you an error if the certificate subject does not match the URL (in this case the IP). And of course, it will also complain if the certificate is self signed and/or the signing CA is unknown. 2. Why are you using such an updated stunnel version? 3. You can use openssl s_client command to troubleshoot. Google for it. Regards, Jose -----Original Message----- From: Krinali Shah - PES <krinali.shah(a)einfochips.com> Sender: "stunnel-users" <stunnel-users-bounces(a)stunnel.org> Date: Mon, 3 Feb 2014 15:34:28 To: <stunnel-users(a)stunnel.org> Subject: [stunnel-users] cross compiling stunnel-4.21 for ARM _______________________________________________ stunnel-users mailing list stunnel-users(a)stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users --------------------------------------------------------------------------------------------- Notice: This message has been scanned by Trend Micro Mail Security scanner and is believed to be clean --------------------------------------------------------------------------------------------- ************************************************************************************************************************************************************* eInfochips Business Disclaimer : This e-mail message and all attachments transmitted with it are intended solely for the use of the addressee and may contain legally privileged and confidential information. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution, copying, or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately by replying to this message and please delete it from your computer. Any views expressed in this message are those of the individual sender unless otherwise stated. Company has taken enough precautions to prevent the spread of viruses. However the company accepts no liability for any damage caused by any virus transmitted by this email. ************************************************************************************************************************************************************* --------------------------------------------------------------------------------------------- Notice: This message has been scanned by Trend Micro Mail Security scanner and is believed to be clean ---------------------------------------------------------------------------------------------

1 0

cross compiling stunnel-4.21 for ARM
by Krinali Shah - PES 03 Feb '14

03 Feb '14

----- Forwarded Message ----- From: "Krinali Shah - PES" <krinali.shah(a)einfochips.com> To: stunnel-users(a)stunnel.org Sent: Monday, February 3, 2014 3:04:44 PM Subject: cross compiling stunnel-4.21 for ARM Hi All, I have thttpd server cross-compiled for my ARM based embedded board. Now I want to add the support for https services on my board, so I think of using stunnel with openssl. I have already download source code of openssl and cross compiled it, for linux-arm. I have downloaded stunnel-4.21 and followed the steps as mentioned below. 1. create stunnel.pem file inside /etc/ssl/certs/stunnel.pem 2. create stunnel.conf file inside /etc/stunnel/stunnel.conf with following parameters. cert = /etc/ssl/certs/stunnel.pem key = /etc/ssl/certs/stunnel.pem chroot = /var/run/stunnel setuid = stunnel4 setgid = stunnel4 debug = 7 pid = /stunnel.pid setuid = stunnel setgid = stunnel socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 compression = rle output = /var/log/stunnel4/stunnel.log client = no [https] accept = 10.103.2.104:443 connect = 127.0.0.1:8080 TIMEOUTclose = 0 2. ./configure --prefix=/home/stunnel --host=arm-linux --enable-shared --with-ssl=/home 3. changed CC, RANLIB and STRIP environment variables for cross compilation in Makefile. 4. make 5. sudo make install The cross-compiled binary stunnel is installed. When I run the binary on board, it does not show any error. Following debug messages are seen on screen. 1969.12.31 21:19:54 LOG6[1154:1073842296]: Compression enabled using rle method 1969.12.31 21:19:54 LOG7[1154:1073842296]: RAND_status claims sufficient entropG 1969.12.31 21:19:54 LOG7[1154:1073842296]: PRNG seeded successfully 1969.12.31 21:19:54 LOG7[1154:1073842296]: Certificate: /etc/ssl/certs/stunnel.m 1969.12.31 21:19:54 LOG7[1154:1073842296]: Certificate loaded 1969.12.31 21:19:54 LOG7[1154:1073842296]: Key file: /etc/ssl/certs/stunnel.pem 1969.12.31 21:19:54 LOG7[1154:1073842296]: Private key loaded 1969.12.31 21:19:54 LOG7[1154:1073842296]: SSL context initialized for service s But, If I try to request https service from web browser (Firefox) ie, https://server_ip it gives me error. Meaning https server is not started correctly, still something is missing. Please guide me if you have any clues. Any help would be highly appreciated. Thanks, Krinali Shah ************************************************************************************************************************************************************* eInfochips Business Disclaimer : This e-mail message and all attachments transmitted with it are intended solely for the use of the addressee and may contain legally privileged and confidential information. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution, copying, or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately by replying to this message and please delete it from your computer. Any views expressed in this message are those of the individual sender unless otherwise stated. Company has taken enough precautions to prevent the spread of viruses. However the company accepts no liability for any damage caused by any virus transmitted by this email. ************************************************************************************************************************************************************* --------------------------------------------------------------------------------------------- Notice: This message has been scanned by Trend Micro Mail Security scanner and is believed to be clean ---------------------------------------------------------------------------------------------

2 1

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

stunnel-users February 2014