* Edward Smithson wrote:
We are running Stunnel as a service (Stunnel TLS wrapper) It is version 5.75 We get the message after a user logs on
That sounds unusual. When a service cannot start, the user should not get a message to that effect.
Check the System event log for entries that this service failed to start, please. Also, can you show the output of running
sc.exe qc <name of service>
?
You mentioned originally that it works when opened manually. Did you mean it works when you run it interactively, or when you start the service again? If the former, what happens if you try starting the service again?
The following DLLs are present in Program Files (x86)\stunnel\bin libcrypto-3-x64.dll libgcc_s_seh-1.dll libssl-3-x64.dll libssp-0.dll
Looks OK, too, and because it works when run by hand, it obviously is. To my knowledge libgcc_s_seh is not needed, but having it there doesn't hurt either.
I have just about exactly the same configuration as you do, except I repackage stunnel into my own MSI that also does the service registration. It has always worked well on both 10 and 11.
If you like digging through enormous logs, you can do this:
- Get Sysinternals Process Monitor https://learn.microsoft.com/en-gb/sysinternals/downloads/procmon
- Run it and set the filter to "Process Name contains stunnel"
- In the Filter menu, check Drop Filtered Events
- In the Edit menu, select Clear Display
Now you have two options depending on whether starting the service after login works or not. If it does _not_, just try starting it again to get the log. Otherwise:
- In the Options menu, select Enable Boot Logging
- Restart the computer
- Log on as the same user that you ran Process Monitor as
- Start Process Monitor again
Now go dig. You can search for "libcrypto". I just tried that, and the only non-SUCCESS entries were "FILE LOCKED WITH ONLY READERS", and that is expected behavior. Hopefully you will find something else to put you on the right track.