I have an application that sends XML encrypted traffic over TCP to Stunnel. Stunnel is supposed to unencrypt it and send it to the backend application unencrypted; however, no traffic is sent. I have used Wireshark, and I do see the client hello for TLS 1.2 and the server hello for TLS 1.2, so the cipher negotiation is completed.
Here is my config:
sslVersionMax = TLSv1.2
options = -NO_SSLv3
[https]
accept = 27015
connect = 27001
cert = cert.pem
key = key.pem
TIMEOUTclose = 0
Stunnel log in debug 7:
2023.01.13 14:03:42 LOG7[16572]: Service [https] started
2023.01.13 14:03:42 LOG7[16572]: Setting local socket options (FD=1888)
2023.01.13 14:03:42 LOG7[16572]: Option TCP_NODELAY set on local socket
2023.01.13 14:03:42 LOG5[16572]: Service [https] accepted connection from xx.xx.xx.xx:62478
2023.01.13 14:03:42 LOG6[16572]: Peer certificate not required
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): before SSL initialization
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): before SSL initialization
2023.01.13 14:03:42 LOG7[16572]: Decrypt session ticket callback
2023.01.13 14:03:42 LOG7[16572]: Initializing application specific data for session authenticated
2023.01.13 14:03:42 LOG7[16572]: SNI: no virtual services defined
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS read client hello
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write server hello
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write certificate
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write key exchange
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write server done
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write server done
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS read client key exchange
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS read change cipher spec
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS read finished
2023.01.13 14:03:42 LOG7[16572]: Generate session ticket callback
2023.01.13 14:03:42 LOG7[16572]: Initializing application specific data for session authenticated
2023.01.13 14:03:42 LOG7[16572]: Deallocating application specific data for session connect address
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write session ticket
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write change cipher spec
2023.01.13 14:03:42 LOG7[16572]: TLS state (accept): SSLv3/TLS write finished
2023.01.13 14:03:42 LOG7[16572]: 33 server accept(s) requested
2023.01.13 14:03:42 LOG7[16572]: 33 server accept(s) succeeded
2023.01.13 14:03:42 LOG7[16572]: 0 server renegotiation(s) requested
2023.01.13 14:03:42 LOG7[16572]: 0 session reuse(s)
2023.01.13 14:03:42 LOG7[16572]: 1 internal session cache item(s)
2023.01.13 14:03:42 LOG7[16572]: 0 internal session cache fill-up(s)
2023.01.13 14:03:42 LOG7[16572]: 0 internal session cache miss(es)
2023.01.13 14:03:42 LOG7[16572]: 0 external session cache hit(s)
2023.01.13 14:03:42 LOG7[16572]: 0 expired session(s) retrieved
2023.01.13 14:03:42 LOG6[16572]: TLS accepted: new session negotiated
2023.01.13 14:03:42 LOG6[16572]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption)
2023.01.13 14:03:42 LOG3[16572]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2023.01.13 14:03:42 LOG7[16572]: Compression: null, expansion: null
2023.01.13 14:03:42 LOG7[16572]: Deallocating application specific data for session connect address
2023.01.13 14:03:42 LOG6[16572]: s_connect: connecting 127.0.0.1:27001
2023.01.13 14:03:42 LOG7[16572]: s_connect: s_poll_wait 127.0.0.1:27001: waiting 10 seconds
2023.01.13 14:03:42 LOG7[16572]: FD=1472 ifds=rwx ofds=---
2023.01.13 14:03:42 LOG5[16572]: s_connect: connected 127.0.0.1:27001
2023.01.13 14:03:42 LOG6[16572]: persistence: 127.0.0.1:27001 cached
2023.01.13 14:03:42 LOG5[16572]: Service [https] connected remote server from 127.0.0.1:56732
2023.01.13 14:03:42 LOG7[16572]: Setting remote socket options (FD=1472)
2023.01.13 14:03:42 LOG7[16572]: Option TCP_NODELAY set on remote socket
2023.01.13 14:03:42 LOG7[16572]: Remote descriptor (FD=1472) initialized
2023.01.13 14:03:42 LOG6[16572]: SSL_read: Socket is closed
2023.01.13 14:03:42 LOG6[16572]: TLS socket closed (SSL_read)
2023.01.13 14:03:42 LOG7[16572]: Sent socket write shutdown
2023.01.13 14:03:42 LOG5[16572]: Connection closed: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
2023.01.13 14:03:42 LOG7[16572]: Remote descriptor (FD=1472) closed
2023.01.13 14:03:42 LOG7[16572]: Local descriptor (FD=1888) closed
2023.01.13 14:03:42 LOG7[16572]: Service [https] finished (1 left)
Any assistance you can provide would be glorious!
_________________________________
Gary Jackson
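
A log like the one in the post above can be triaged by stage: did the handshake finish, did stunnel reach the backend, and were any bytes relayed before the close. The script below is an added example, not part of the original post and not stunnel's own tooling; the function names and the summary wording are assumptions made for illustration, and the sample lines are copied from the log above.

```python
import re

# Lines copied from the debug log in the post above, trimmed to the events checked here.
SAMPLE_LOG = """\
2023.01.13 14:03:42 LOG5[16572]: Service [https] accepted connection from xx.xx.xx.xx:62478
2023.01.13 14:03:42 LOG6[16572]: TLS accepted: new session negotiated
2023.01.13 14:03:42 LOG6[16572]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-GCM-SHA384 (256-bit encryption)
2023.01.13 14:03:42 LOG3[16572]: SSL_get_peer_tmp_key: Peer suddenly disconnected
2023.01.13 14:03:42 LOG5[16572]: s_connect: connected 127.0.0.1:27001
2023.01.13 14:03:42 LOG6[16572]: SSL_read: Socket is closed
2023.01.13 14:03:42 LOG5[16572]: Connection closed: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
"""

LINE = re.compile(r"^\S+ \S+ LOG\d\[(\d+)\]: (.*)$", re.M)
CLOSED = re.compile(r"Connection closed: (\d+) byte\(s\) sent to TLS, (\d+) byte\(s\) sent to socket")

def verdict(c):
    """Name the furthest stage the log shows for one connection."""
    if not c["tls_done"]:
        return "TLS handshake not completed"
    if c["backend"] is None:
        return "handshake completed, no backend connection logged"
    if c["to_tls"] == 0 and c["to_socket"] == 0:
        who = "TLS peer closed" if c["peer_closed"] else "connection closed"
        return f"handshake and backend connect completed, {who} with no data relayed"
    return "data relayed"

def triage(log_text):
    """Summarise connections by bracketed log id (assumes one connection per id in the excerpt)."""
    conns = {}
    for tid, msg in LINE.findall(log_text):
        c = conns.setdefault(tid, dict(tls_done=False, cipher=None, backend=None,
                                       peer_closed=False, to_tls=None, to_socket=None))
        if msg.startswith("TLS accepted"):
            c["tls_done"] = True
        elif "ciphersuite:" in msg:
            c["cipher"] = msg.split("ciphersuite:")[1].split()[0]
        elif msg.startswith("s_connect: connected "):
            c["backend"] = msg.split()[-1]
        elif "Peer suddenly disconnected" in msg or msg.startswith("SSL_read: Socket is closed"):
            c["peer_closed"] = True
        elif (b := CLOSED.search(msg)):
            c["to_tls"], c["to_socket"] = int(b.group(1)), int(b.group(2))
    for c in conns.values():
        c["verdict"] = verdict(c)
    return conns

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Run against the full debug log, `triage()` separates connections that fail during the handshake from ones, like this one, where the handshake and backend connect both succeed and the TLS side closes before any payload arrives.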