I have an application that sends XML encrypted traffic over TCP to Stunnel. Stunnel is supposed to decrypt it and send it to the backend application unencrypted; however, no traffic is sent. I have used Wireshark and I do see the client hello for TLS 1.2 and the server hello for TLS 1.2, so the cipher negotiation is completed.
Here is my config:

sslVersionMax = TLSv1.2
options = -NO_SSLv3

[https]
accept = 27015
connect = 27001
cert = cert.pem
key = key.pem
TIMEOUTclose = 0
Stunnel log in Debug 7:

2023.01.13 14:03:42 LOG7[16572]: Service [https] started
2023.01.13 14:03:42 LOG7[16572]: Setting local socket options (FD=1888)
2023.01.13 14:03:42 LOG7[16572]: Option TCP_NODELAY set on local socket
2023.01.13 14:03:42 LOG5[16572]: Service [https] accepted connection from xx.xx.xx.xx:62478
2023.01.13 14:03:42 LOG6[16572]: Peer certificate not required
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): before SSL initialization
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): before SSL initialization
2023.01.13 14:03:42 LOG7[16572]: Decrypt session ticket callback
2023.01.13 14:03:42 LOG7[16572]: Initializing application specific data for session authenticated
2023.01.13 14:03:42 LOG7[16572]: SNI: no virtual services defined
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS read client hello
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write server hello
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write certificate
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write key exchange
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write server done
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write server done
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS read client key exchange
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS read change cipher spec
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS read finished
2023.01.13 14:03:42 LOG7[16572]: Generate session ticket callback
2023.01.13 14:03:42 LOG7[16572]: Initializing application specific data for session authenticated
2023.01.13 14:03:42 LOG7[16572]: Deallocating application specific data for session connect address
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write session ticket
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write change cipher spec
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write finished
2023.01.13 14:03:42 LOG7[16572]: 33 server accept(s) requested
2023.01.13 14:03:42 LOG7[16572]: 33 server accept(s) succeeded
2023.01.13 14:03:42 LOG7[16572]: 0 server renegotiation(s) requested
2023.01.13 14:03:42 LOG7[16572]: 0 session reuse(s)
2023.01.13 14:03:42 LOG7[16572]: 1 internal session cache item(s)
2023.01.13 14:03:42 LOG7[16572]: 0 internal session cache fill-up(s)
2023.01.13 14:03:42 LOG7[16572]: 0 internal session cache miss(es)
2023.01.13 14:03:42 LOG7[16572]: 0 external session cache hit(s)
2023.01.13 14:03:42 LOG7[16572]: 0 expired session(s) retrieved
2023.01.13 14:03:42 LOG6[16572]: TLS accepted: new session negotiated
2023.01.13 14:03:42 LOG6[16572]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption)
2023.01.13 14:03:42 LOG3[16572]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2023.01.13 14:03:42 LOG7[16572]: Compression: null, expansion: null
2023.01.13 14:03:42 LOG7[16572]: Deallocating application specific data for session connect address
2023.01.13 14:03:42 LOG6[16572]: s_connect: connecting 127.0.0.1:27001
2023.01.13 14:03:42 LOG7[16572]: s_connect: s_poll_wait 127.0.0.1:27001: waiting 10 seconds
2023.01.13 14:03:42 LOG7[16572]: FD=1472 ifds=rwx ofds=---
2023.01.13 14:03:42 LOG5[16572]: s_connect: connected 127.0.0.1:27001
2023.01.13 14:03:42 LOG6[16572]: persistence: 127.0.0.1:27001 cached
2023.01.13 14:03:42 LOG5[16572]: Service [https] connected remote server from 127.0.0.1:56732
2023.01.13 14:03:42 LOG7[16572]: Setting remote socket options (FD=1472)
2023.01.13 14:03:42 LOG7[16572]: Option TCP_NODELAY set on remote socket
2023.01.13 14:03:42 LOG7[16572]: Remote descriptor (FD=1472) initialized
2023.01.13 14:03:42 LOG6[16572]: SSL_read: Socket is closed
2023.01.13 14:03:42 LOG6[16572]: TLS socket closed (SSL_read)
2023.01.13 14:03:42 LOG7[16572]: Sent socket write shutdown
2023.01.13 14:03:42 LOG5[16572]: Connection closed: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
2023.01.13 14:03:42 LOG7[16572]: Remote descriptor (FD=1472) closed
2023.01.13 14:03:42 LOG7[16572]: Local descriptor (FD=1888) closed
2023.01.13 14:03:42 LOG7[16572]: Service [https] finished (1 left)
Any assistance you can provide would be glorious!

_________________________________
Gary Jackson
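
A triage helper for logs like the one in this post, added here as an example and not part of the original message or of stunnel itself: it groups stunnel log lines by thread id and reports whether the TLS handshake completed, which error-level entries appeared, and how many bytes were relayed. The sample input is an excerpt of the log quoted above; the function names and result labels are this example's own.

```python
import re

# Excerpt of the stunnel debug log quoted in the post above.
SAMPLE_LOG = """\
2023.01.13 14:03:42 LOG5[16572]: Service [https] accepted connection from xx.xx.xx.xx:62478
2023.01.13 14:03:42 LOG6[16572]: TLS accepted: new session negotiated
2023.01.13 14:03:42 LOG6[16572]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption)
2023.01.13 14:03:42 LOG3[16572]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2023.01.13 14:03:42 LOG5[16572]: s_connect: connected 127.0.0.1:27001
2023.01.13 14:03:42 LOG6[16572]: SSL_read: Socket is closed
2023.01.13 14:03:42 LOG5[16572]: Connection closed: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
"""

LINE_RE = re.compile(r"^\S+ \S+ LOG(\d)\[(\d+)\]: (.*)$")
CLOSED_RE = re.compile(r"Connection closed: (\d+) byte\(s\) sent to TLS, (\d+) byte\(s\) sent to socket")

def summarize(log_text):
    """Group stunnel log lines by thread id and extract the session outcome."""
    sessions = {}
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # skip wrapped or non-stunnel lines
        level, tid, msg = int(m.group(1)), m.group(2), m.group(3)
        s = sessions.setdefault(tid, {"handshake_ok": False, "cipher": None,
                                      "backend_connected": False, "errors": [],
                                      "to_tls": None, "to_socket": None})
        if level <= 3:  # stunnel uses syslog levels: 3 (err) and below are errors
            s["errors"].append(msg)
        if msg.startswith("TLS accepted"):
            s["handshake_ok"] = True
        elif "ciphersuite:" in msg:
            s["cipher"] = msg.split("ciphersuite:")[1].split()[0]
        elif msg.startswith("s_connect: connected"):
            s["backend_connected"] = True
        elif (c := CLOSED_RE.search(msg)):
            s["to_tls"], s["to_socket"] = int(c.group(1)), int(c.group(2))
    return sessions

def diagnose(s):
    """Classify one session summary (labels are this example's own wording)."""
    if not s["handshake_ok"]:
        return "handshake did not complete"
    if s["to_tls"] == 0 and s["to_socket"] == 0:
        return "handshake completed, no application data relayed"
    if s["to_tls"] is None:
        return "handshake completed, connection still open or log truncated"
    return "data relayed"

if __name__ == "__main__":
    for tid, s in summarize(SAMPLE_LOG).items():
        print(tid, diagnose(s), s["cipher"], s["errors"])
```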