Hello. I'm trying to configure "protocol = socks" with "redirect = 127.0.0.1:80" and "verifyPeer = yes", but accordingly to the debug logs stunnel doesn't verify peer when I'm trying to connect without client's certificate, for an example, from browser: https://192.168.200.131:9013/, where 192.168.200.131 is stunnel server. Config file: [socks] cert = /usr/local/etc/stunnel/server.pem CAfile = /usr/local/etc/stunnel/client.crt verifyPeer = yes
redirect = 127.0.0.1:80 accept = 0.0.0.0:9013 protocol = socks
Debug log: 2024.10.02 07:24:19 LOG6[9]: No peer certificate received 2024.10.02 07:24:19 LOG6[9]: Session id: AFA5F9CE2997328612F76E3B3572FE00C71C53ED31A98567E56DCC084EF580AD 2024.10.02 07:24:19 LOG7[9]: TLS state (accept): SSLv3/TLS write session ticket 2024.10.02 07:24:19 LOG6[9]: TLS accepted: new session negotiated 2024.10.02 07:24:19 LOG6[9]: TLSv1.3 ciphersuite: TLS_AES_128_GCM_SHA256 (128-bit encryption) 2024.10.02 07:24:19 LOG6[9]: Peer temporary key: X25519, 253 bits 2024.10.02 07:24:19 LOG7[9]: Compression: null, expansion: null 2024.10.02 07:24:19 LOG7[9]: Waiting for the SOCKS request 2024.10.02 07:24:19 LOG3[9]: Unsupported SOCKS version 0x47 2024.10.02 07:24:19 LOG5[9]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
It tries to accept SOCKS info even without certificate and doesn't redirect to 127.0.0.1:80.
In browser, I'm getting:
Secure Connection Failed An error occurred during a connection to 192.168.200.131:9013. PR_CONNECT_RESET_ERROR Error code: PR_CONNECT_RESET_ERROR
Can you check why it happens?
Thank you.