----- Forwarded Message -----
From: "Krinali Shah - PES" <krinali.shah@einfochips.com>
To: stunnel-users@stunnel.org
Sent: Monday, February 3, 2014 3:04:44 PM
Subject: cross compiling stunnel-4.21 for ARM

Hi All,

                        I have thttpd server cross-compiled for my ARM based embedded board.
                        Now I want to add the support for https services on my board, so I think of using stunnel with openssl.
                        I have already download source code of openssl and cross compiled it, for linux-arm.
                        I have downloaded stunnel-4.21 and followed the steps as mentioned below.

                       1. create stunnel.pem file inside /etc/ssl/certs/stunnel.pem
                       2. create stunnel.conf file inside /etc/stunnel/stunnel.conf with following parameters.

                            cert = /etc/ssl/certs/stunnel.pem
                            key = /etc/ssl/certs/stunnel.pem
                            chroot = /var/run/stunnel
                            setuid = stunnel4
                            setgid = stunnel4
                            debug = 7
                            pid = /stunnel.pid
                            setuid = stunnel
                            setgid = stunnel
                            socket = l:TCP_NODELAY=1
                            socket = r:TCP_NODELAY=1
                            compression = rle
                            output = /var/log/stunnel4/stunnel.log
                            client = no
                            [https]
                            accept  = 10.103.2.104:443
                            connect = 127.0.0.1:8080
                            TIMEOUTclose = 0

                       2. ./configure --prefix=/home/stunnel --host=arm-linux --enable-shared --with-ssl=/home
                       3. changed CC, RANLIB and STRIP environment variables for cross compilation in Makefile.
                       4. make
                       5. sudo make install
                
                        The cross-compiled binary stunnel is installed.
                        When I run the binary on board, it does not show any error. Following debug messages are seen on screen.
                       
                        1969.12.31 21:19:54 LOG6[1154:1073842296]: Compression enabled using rle method
                        1969.12.31 21:19:54 LOG7[1154:1073842296]: RAND_status claims sufficient entropG
                        1969.12.31 21:19:54 LOG7[1154:1073842296]: PRNG seeded successfully
                        1969.12.31 21:19:54 LOG7[1154:1073842296]: Certificate: /etc/ssl/certs/stunnel.m
                        1969.12.31 21:19:54 LOG7[1154:1073842296]: Certificate loaded
                        1969.12.31 21:19:54 LOG7[1154:1073842296]: Key file: /etc/ssl/certs/stunnel.pem
                        1969.12.31 21:19:54 LOG7[1154:1073842296]: Private key loaded
                        1969.12.31 21:19:54 LOG7[1154:1073842296]: SSL context initialized for service s

                        But, If I try to request https service from web browser (Firefox) ie, https://server_ip it gives me error. Meaning https server is not started correctly, still something is missing.

                        Please guide me if you have any clues.
                        Any help would be highly appreciated.








Thanks,
Krinali Shah

*************************************************************************************************************************************************************

eInfochips Business Disclaimer: This e-mail message and all attachments transmitted with it are intended solely for the use of the addressee and may contain legally privileged and confidential information. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution, copying, or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately by replying to this message and please delete it from your computer. Any views expressed in this message are those of the individual sender unless otherwise stated. Company has taken enough precautions to prevent the spr ead of viruses. However the company accepts no liability for any damage caused by any virus transmitted by this email.

*************************************************************************************************************************************************************
---------------------------------------------------------------------------------------------
Notice: 
This message has been scanned by Trend Micro Mail Security scanner and is believed to be clean
---------------------------------------------------------------------------------------------