Hello,

 Sorry for the delay, soooo much things to do and I add trouble to get extra IP from my ISP.

  Now this things are sorted, I've an issue when I add one more domain.

  the CRT file is generated by my registrar. If it's in the wrong format, How can I convert it?


root@ns0:/var/log/stunnel4# service stunnel4 start
Starting SSL tunnels: [Started: /etc/stunnel/base.conf] Reading configuration from file /etc/stunnel/mansonthomas.com.conf
Snagged 64 random bytes from /dev/urandom
PRNG seeded successfully
Using DH parameters from /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
DH initialized with 2048 bit key
ECDH initialized
Certificate: /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
Certificate loaded
Key file: /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
error queue: 140B0009 : error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line
[Failed: /etc/stunnel/mansonthomas.com.conf]
You should check that you have specified the pid= in you configuration file

The CRT file look like this :
root@ns0:/etc/stunnel/sites/mansonthomas.com# cat mansonthomas.com.crt
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egCwIBAgIRAJhidFW4DBk0X/aIvC6ZYNUwDQYJKoZIhvcNAQEF
BQAw4TELMAkGA1aEBhMCRlIxEjAQBgNVBAoTCUdBTkR34FNBUzEeMBwGA1UE
AxMVR2FuZGkgU3RhbZRhc1QgU1NMIENBMB4XDTExGTAxNDAwPDAwMFoXDTE
...

DbAzOLhzx0BQKBZHtNzCDD9kwPYg4w4PhVcgTTrLkNdcr3Fh
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
.....
-----END DH PARAMETERS-----




/etc/stunnel/base.conf
====================================

root@ns0:/etc/stunnel# cat base.conf
debug = 7


sslVersion = SSLv3
cert=/etc/stunnel/sites/mysite.com/mysite.com.crt
key=/etc/stunnel/sites/mysite.com/mysite.com.key


; security enhancements for UNIX systems
; for chroot a copy of some devices and files is needed within the jail
;chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
; PID is created inside the chroot jail
pid = /stunnel4.pid


socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
output = /var/log/stunnel.log

[https-mysite.com]
accept=88.190.17.222:443
connect=127.0.0.1:82
====================================


root@ns0:/etc/stunnel# cat mansonthomas.com.conf
====================================
[mansonthomas.com]
cert          = /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
accept        = 88.190.217.117:443
connect       = 127.0.0.1:82

TIMEOUTclose  = 0
====================================


Strangely, there is no file /var/log/stunnel.log
but a 0 length file in /var/log/stunnel4/stunnel.log

root@ns0:/etc/stunnel# ll /var/log/stunnel4/stunnel.log
-rw-r--r-- 1 stunnel4 stunnel4 0 2012-01-17 20:31 /var/log/stunnel4/stunnel.log


Any idea?

Regards,
Thomas.

On Sat, Feb 11, 2012 at 13:34, <josealf@rocketmail.com> wrote:
Thomas,

Your config looks fine.  If not working, Set debug=7 in stunnel.conf and post your log.

Jose
-----Original Message-----
From: Thomas Manson <dev.mansonthomas@gmail.com>
Sender: stunnel-users-bounces@stunnel.org
Date: Fri, 10 Feb 2012 22:09:38
To: <stunnel-users@stunnel.org>
Subject: [stunnel-users]  Multiple Domains for https

_______________________________________________
stunnel-users mailing list
stunnel-users@stunnel.org
http://stunnel.mirt.net/mailman/listinfo/stunnel-users