Hello,
Sorry for the delay, so many things to do, and I had trouble getting an extra IP from my ISP.
Now these things are sorted, I have an issue when I add one more domain.
The CRT file is generated by my registrar. If it's in the wrong format, how can I convert it?
root@ns0:/var/log/stunnel4# service stunnel4 start
Starting SSL tunnels: [Started: /etc/stunnel/base.conf] Reading configuration from file /etc/stunnel/mansonthomas.com.conf
Snagged 64 random bytes from /dev/urandom
PRNG seeded successfully
Using DH parameters from /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
DH initialized with 2048 bit key
ECDH initialized
Certificate: /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
Certificate loaded
Key file: /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
error queue: 140B0009 : error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line
[Failed: /etc/stunnel/mansonthomas.com.conf]
You should check that you have specified the pid= in you configuration file
The CRT file looks like this:
root@ns0:/etc/stunnel/sites/mansonthomas.com# cat mansonthomas.com.crt
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egCwIBAgIRAJhidFW4DBk0X/aIvC6ZYNUwDQYJKoZIhvcNAQEF
BQAw4TELMAkGA1aEBhMCRlIxEjAQBgNVBAoTCUdBTkR34FNBUzEeMBwGA1UE
AxMVR2FuZGkgU3RhbZRhc1QgU1NMIENBMB4XDTExGTAxNDAwPDAwMFoXDTE
...
DbAzOLhzx0BQKBZHtNzCDD9kwPYg4w4PhVcgTTrLkNdcr3Fh
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
.....
-----END DH PARAMETERS-----
/etc/stunnel/base.conf
====================================
root@ns0:/etc/stunnel# cat base.conf
debug = 7
sslVersion = SSLv3
cert=/etc/stunnel/sites/mysite.com/mysite.com.crt
key=/etc/stunnel/sites/mysite.com/mysite.com.key
; security enhancements for UNIX systems
; for chroot a copy of some devices and files is needed within the jail
;chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
; PID is created inside the chroot jail
pid = /stunnel4.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
output = /var/log/stunnel.log
[https-mysite.com]
accept=88.190.17.222:443
connect=127.0.0.1:82
====================================
root@ns0:/etc/stunnel# cat mansonthomas.com.conf
====================================
[mansonthomas.com]
cert = /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
accept = 88.190.217.117:443
connect = 127.0.0.1:82
TIMEOUTclose = 0
====================================
Strangely, there is no file /var/log/stunnel.log
but a 0 length file in /var/log/stunnel4/stunnel.log
root@ns0:/etc/stunnel# ll /var/log/stunnel4/stunnel.log
-rw-r--r-- 1 stunnel4 stunnel4 0 2012-01-17 20:31 /var/log/stunnel4/stunnel.log
Any idea?
Regards,
Thomas.
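An added example, not part of the original messages: a small shell check for the failure in the log above, where the "Key file:" line names the .crt and PEM parsing then reports "no start line". It relies on stunnel's documented default that the private key is read from the cert= file when a service has no key= option; the function names are hypothetical, the sample files are constructed, and it assumes one service section per .conf file.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.
# Assumes one service section per .conf file, as in the layout shown above.

# Print the label of every "-----BEGIN <label>-----" line in a PEM file.
pem_labels() {
    sed -n 's/^-----BEGIN \(.*\)-----[[:space:]]*$/\1/p' "$1"
}

# Succeed if the file holds any private key block (RSA, EC, PKCS#8, encrypted).
has_private_key() {
    pem_labels "$1" | grep -q 'PRIVATE KEY$'
}

# Print the last value assigned to option $1 in stunnel config file $2.
conf_value() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# stunnel reads the key from key=, or from the cert= file when key= is absent.
effective_key_file() {
    key=$(conf_value key "$1")
    if [ -n "$key" ]; then printf '%s\n' "$key"; else conf_value cert "$1"; fi
}

# Report whether the file stunnel will use as key file can supply a key.
diagnose() {
    keyfile=$(effective_key_file "$1")
    if has_private_key "$keyfile"; then
        echo "OK: $keyfile contains a private key block"
    else
        echo "FAIL: $keyfile has no private key block; found: $(pem_labels "$keyfile" | tr '\n' ' ')"
        return 1
    fi
}

# Constructed sample: a .crt with CERTIFICATE and DH PARAMETERS only, cert= without key=.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'AAAA' '-----END CERTIFICATE-----' \
        '-----BEGIN DH PARAMETERS-----' 'AAAA' '-----END DH PARAMETERS-----' > "$d/site.crt"
    printf '%s\n' '[site]' "cert = $d/site.crt" 'connect = 127.0.0.1:82' > "$d/site.conf"
    rc=0; diagnose "$d/site.conf" || rc=$?
    rm -rf "$d"
    return $rc
}

demo || echo "demo: key file carries no private key"
```

Running `diagnose` on a real service file prints which file stunnel will treat as the key file and which PEM blocks it actually contains.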
Thomas,
Your config looks fine. If it's not working, set debug=7 in stunnel.conf and post your log.
Jose
-----Original Message-----
From: Thomas Manson <dev.mansonthomas@gmail.com>
Sender: stunnel-users-bounces@stunnel.org
Date: Fri, 10 Feb 2012 22:09:38
To: <stunnel-users@stunnel.org>
Subject: [stunnel-users] Multiple Domains for https