Dear All,
I am trying to set an https layer using stunnel. I am having problems with the intermediary certificate since it appears broken to the user. You may find a screenshot here:
http://u-journal.org/stunnel/Root_Cert_Err.jpg
My stunnel version is: 3.26 running on Debian 3.1
I run stunnel as standalone with this parameters:
stunnel -d 10.123.16.103:443 -D 7 -R /etc/ssl/certs/stunnel.rnd \ -p /etc/ssl/certs/stunnel.pem -o /var/log/stunnel/stunnel.log \ -r 10.123.16.103:80 -N https
You may find the output of my stunnel -V here: http://pastebin.ca/793495
uname -a: Linux lb2-dp-vm 2.6.8-3-686 #1 Tue Dec 5 21:26:38 UTC 2006 i686 GNU/Linux
openssl version: OpenSSL 0.9.7e 25 Oct 2004
So, if I create my /etc/ssl/certs/stunnel.pem file like this:
-----BEGIN RSA PRIVATE KEY----- rsa_priv_key -----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE----- secured.behringer.com_certificate -----END CERTIFICATE-----
-- OR --
-----BEGIN RSA PRIVATE KEY----- rsa_priv_key -----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE----- secured.behringer.com_certificate -----END CERTIFICATE-----
-----BEGIN CERTIFICATE----- VeriSign Intermediate CA Certificate (https://www.verisign.com.sg/support/ssl/install/intermediate/secure.shtml) -----END CERTIFICATE-----
I get the mentioned error. If I create the /etc/ssl/certs/stunnel.pem like this:
-----BEGIN RSA PRIVATE KEY----- rsa_priv_key -----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE----- VeriSign Intermediate CA Certificate (https://www.verisign.com.sg/support/ssl/install/intermediate/secure.shtml) -----END CERTIFICATE-----
-----BEGIN CERTIFICATE----- secured.behringer.com_certificate -----END CERTIFICATE-----
I get the error: "[...] X509_check_private_key:key values mismatch"
You may see the log here: http://pastebin.ca/793500
Any clues on what am I doing wrong?
Thank you so much! unai