I get the following error running 'sudo service stunnel4 status' :
LOG3[0]: SSL_accept: ../ssl/record/ssl3_record.c:331: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
is that merely a mismatch between openSSL versions used by client and server?
I have tried changing the config file options, also with no specification since the default according to stunnel.org is:
options = NO_SSLv2 options = NO_SSLv3
I have tried (service level option): sslVersion = TLSv1
Same error. When running sudo service stunnel4 status after start:
May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP May 12 08:22:45 user-Linux stunnel4[16616]: Starting TLS tunnels: /etc/stunnel/stunnel.conf: started May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: Reading configuration from file /etc/stunnel/stunnel.conf May 12 08:22:45 user-Linux systemd[1]: Started LSB: Start or stop stunnel 4.x (TLS tunnel for network daemons). May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: UTF-8 byte order mark not detected May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: FIPS mode disabled May 12 08:22:45 user-Linux stunnel[16630]: LOG4[ui]: Insecure file permissions on /var/lib/stunnel4/psk.txt May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: Configuration successful May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: Switched to chroot directory: /var/lib/stunnel4/ May 12 08:22:45 user-Linux stunnel[16632]: LOG5[cron]: Updating DH parameters
After trying to make a connection via FIX connection:
May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Service [**redacted**] started May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Setting local socket options (FD=3) May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Option TCP_NODELAY set on local socket May 12 08:28:04 user-Linux stunnel[16798]: LOG5[0]: Service [**redacted**] accepted connection from 127.0.0.1:51954 May 12 08:28:04 user-Linux stunnel[16798]: LOG6[0]: Peer certificate not required May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: TLS state (accept): before SSL initialization May 12 08:28:04 user-Linux stunnel[16798]: LOG3[0]: SSL_accept: ../ssl/record/ssl3_record.c:331: error:1408F10B:SSL routines:ssl3_get_record:wrong version number May 12 08:28:04 user-Linux stunnel[16798]: LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Local descriptor (FD=3) closed May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Service [**redacted**] finished (0 left)