Dear all,
I am trying to connect via stunnel to O365 OWA.
Configuration file is below:
; Sample stunnel configuration file for Win64 by Michal Trojnara 2002-2022
; Some options used here may be inadequate for your particular configuration
; This sample file does *not* represent stunnel.conf defaults
; Please consult the manual for detailed description of available options
; **************************************************************************
; * Global options *
; **************************************************************************
; Debugging stuff (may be useful for troubleshooting)
debug = 7
output = stunnel.log
; Enable FIPS 140-2 mode if needed for compliance
;fips = yes
; Microsoft CryptoAPI engine allows for authentication with private keys
; stored in the Windows certificate store
; Each section using this feature also needs the "engineId = capi" option
engine = capi
; You also need to disable TLS 1.2 or later, because the CryptoAPI engine
; currently does not support PSS
;sslVersionMax = TLSv1.1
; TLSv1.1 requires security level 0 when compiled OpenSSL 3.0 and later
securityLevel = 0
; The pkcs11 engine allows for authentication with cryptographic
; keys isolated in a hardware or software token
; MODULE_PATH specifies the path to the pkcs11 module shared library,
; such as softhsm2-x64.dll or opensc-pkcs11.dll
; IMPORTANT: A 64-bit stunnel requires 64-bit PKCS#11 modules
; Each section using this feature also needs the "engineId = pkcs11" option
;engine = pkcs11
;engineCtrl = MODULE_PATH:softhsm2-x64.dll
;engineCtrl = PIN:1234
; **************************************************************************
; * Service defaults may also be specified in individual service sections *
; **************************************************************************
; Enable support for the insecure SSLv3 protocol
;options = -NO_SSLv3
; These options provide additional security at some performance degradation
;options = SINGLE_ECDH_USE
;options = SINGLE_DH_USE
; **************************************************************************
; * Include all configuration file fragments from the specified folder *
; **************************************************************************
;include = conf.d
; **************************************************************************
; * Service definitions (at least one service has to be defined) *
; **************************************************************************
; ***************************************** Example TLS client mode services
; Encrypted HTTP proxy authenticated with a client certificate
; located in the Windows certificate store
[O365]
client = yes
accept = 192.168.0.225:443
connect = outlook.office.com:443
engineId = capi
; Encrypted HTTP proxy authenticated with a client certificate
; located in a cryptographic token
;[example-pkcs11]
;client = yes
;accept = 127.0.0.1:8080
;connect = example.com:8443
;engineId = pkcs11
;cert = pkcs11:token=MyToken;object=MyCert
;key = pkcs11:token=MyToken;object=MyKey
; ***************************************** Example TLS server mode services
;[pop3s]
;accept = 995
;connect = 110
;cert = stunnel.pem
;[imaps]
;accept = 993
;connect = 143
;cert = stunnel.pem
; Either only expose this service to trusted networks, or require
; authentication when relaying emails originated from loopback.
; Otherwise the following configuration creates an open relay.
;[ssmtp]
;accept = 465
;connect = 25
;cert = stunnel.pem
; TLS front-end to a web server
;[https]
;accept = 443
;connect = 80
;cert = stunnel.pem
; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SChannel
; Microsoft implementations do not use TLS close-notify alert and thus they
; are vulnerable to truncation attacks
;TIMEOUTclose = 0
; Remote cmd.exe protected with PSK-authenticated TLS
; Create "secrets.txt" containing IDENTITY:KEY pairs
;[cmd]
;accept = 1337
;exec = c:\windows\system32\cmd.exe
;execArgs = cmd.exe
;PSKsecrets = secrets.txt
; vim:ft=dosini
In the browser (Firefox) I get the below error:
Secure Connection Failed
An error occurred during a connection to 192.168.0.225. SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Chrome says:
192.168.0.225 sent an invalid response.
Try running Windows Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR
Logs are below:
Found 1 ready file descriptor(s)
2022.06.09 15:46:32 LOG7[main]: FD=604 ifds=r-x ofds=r--
2022.06.09 15:46:32 LOG7[main]: FD=908 ifds=r-x ofds=---
2022.06.09 15:46:32 LOG7[main]: Dispatching a signal from the signal pipe
2022.06.09 15:46:32 LOG7[main]: Processing SIGNAL_RELOAD_CONFIG
2022.06.09 15:46:33 LOG6[main]: Initializing inetd mode configuration
2022.06.09 15:46:33 LOG7[main]: Running on Windows 6.2
2022.06.09 15:46:33 LOG5[main]: Reading configuration from file C:\Program Files (x86)\stunnel\config\stunnel.conf
2022.06.09 15:46:33 LOG5[main]: UTF-8 byte order mark detected
2022.06.09 15:46:33 LOG7[main]: Enabling support for engine "capi"
2022.06.09 15:46:33 LOG6[main]: UI not supported by engine #1 (capi)
2022.06.09 15:46:33 LOG7[main]: Initializing engine #1 (capi)
2022.06.09 15:46:33 LOG6[main]: Engine #1 (capi) initialized
2022.06.09 15:46:33 LOG5[main]: FIPS mode disabled
2022.06.09 15:46:33 LOG6[main]: Compression enabled: 0 methods
2022.06.09 15:46:33 LOG7[main]: No PRNG seeding was required
2022.06.09 15:46:33 LOG6[main]: Initializing service [O365]
2022.06.09 15:46:33 LOG6[main]: User-specified security level set: 0
2022.06.09 15:46:33 LOG7[main]: Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK
2022.06.09 15:46:33 LOG7[main]: TLSv1.3 ciphersuites: TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256
2022.06.09 15:46:33 LOG7[main]: TLS options: 0x2100000 (+0x0, -0x0)
2022.06.09 15:46:33 LOG6[main]: Session resumption enabled
2022.06.09 15:46:33 LOG6[main]: Client certificate engine (capi) enabled
2022.06.09 15:46:33 LOG7[main]: No certificate or private key specified
2022.06.09 15:46:33 LOG4[main]: Service [O365] needs authentication to prevent MITM attacks
2022.06.09 15:46:33 LOG6[main]: DH initialization skipped: client section
2022.06.09 15:46:33 LOG7[main]: ECDH initialization
2022.06.09 15:46:33 LOG7[main]: ECDH initialized with curves X25519:P-256:X448:P-521:P-384
2022.06.09 15:46:33 LOG5[main]: Configuration successful
2022.06.09 15:46:33 LOG7[main]: Unbinding service [O365]
2022.06.09 15:46:33 LOG7[main]: Service [O365] closed (FD=908)
2022.06.09 15:46:33 LOG7[main]: Service [O365] closed
2022.06.09 15:46:33 LOG7[main]: Deallocating deployed section defaults
2022.06.09 15:46:33 LOG7[main]: Deallocating section [O365]
2022.06.09 15:46:33 LOG5[main]: Logging to C:\Users\radc\AppData\Local\stunnel.log
2022.06.09 15:46:33 LOG7[main]: Binding service [O365]
2022.06.09 15:46:33 LOG7[main]: Listening file descriptor created (FD=1580)
2022.06.09 15:46:33 LOG7[main]: Setting accept socket options (FD=1580)
2022.06.09 15:46:33 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket
2022.06.09 15:46:33 LOG6[main]: Service [O365] (FD=1580) bound to 192.168.0.225:443
2022.06.09 15:47:19 LOG7[17]: Service [O365] started
2022.06.09 15:47:19 LOG7[17]: Setting local socket options (FD=1624)
2022.06.09 15:47:19 LOG7[main]: FD=604 ifds=r-x ofds=---
2022.06.09 15:47:19 LOG7[17]: Option TCP_NODELAY set on local socket
2022.06.09 15:47:19 LOG5[17]: Service [O365] accepted connection from 192.168.0.200:55381
2022.06.09 15:47:19 LOG7[main]: FD=1580 ifds=r-x ofds=r--
2022.06.09 15:47:19 LOG6[17]: failover: priority, starting at entry #0
2022.06.09 15:47:19 LOG7[main]: Service [O365] accepted (FD=1608) from 192.168.0.200:55382
2022.06.09 15:47:19 LOG6[17]: s_connect: connecting 52.98.152.162:443
2022.06.09 15:47:19 LOG7[main]: Creating a new thread
2022.06.09 15:47:19 LOG7[main]: New thread created
2022.06.09 15:47:19 LOG7[18]: Service [O365] started
2022.06.09 15:47:19 LOG7[18]: Setting local socket options (FD=1608)
2022.06.09 15:47:19 LOG7[18]: Option TCP_NODELAY set on local socket
2022.06.09 15:47:19 LOG5[18]: Service [O365] accepted connection from 192.168.0.200:55382
2022.06.09 15:47:19 LOG6[18]: failover: priority, starting at entry #0
2022.06.09 15:47:19 LOG6[18]: s_connect: connecting 52.98.152.162:443
2022.06.09 15:47:19 LOG7[17]: s_connect: s_poll_wait 52.98.152.162:443: waiting 10 seconds
2022.06.09 15:47:19 LOG7[17]: FD=1596 ifds=rwx ofds=---
2022.06.09 15:47:19 LOG7[18]: s_connect: s_poll_wait 52.98.152.162:443: waiting 10 seconds
2022.06.09 15:47:19 LOG7[18]: FD=1204 ifds=rwx ofds=---
2022.06.09 15:47:19 LOG5[17]: s_connect: connected 52.98.152.162:443
2022.06.09 15:47:19 LOG5[17]: Service [O365] connected remote server from 10.57.2.17:57847
2022.06.09 15:47:19 LOG7[17]: Setting remote socket options (FD=1596)
2022.06.09 15:47:19 LOG7[17]: Option TCP_NODELAY set on remote socket
2022.06.09 15:47:19 LOG7[17]: Remote descriptor (FD=1596) initialized
2022.06.09 15:47:19 LOG6[17]: SNI: sending servername: outlook.office.com
2022.06.09 15:47:19 LOG6[17]: Peer certificate not required
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): before SSL initialization
2022.06.09 15:47:19 LOG7[17]: Initializing application specific data for session authenticated
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:19 LOG5[18]: s_connect: connected 52.98.152.162:443
2022.06.09 15:47:19 LOG5[18]: Service [O365] connected remote server from 10.57.2.17:57848
2022.06.09 15:47:19 LOG7[18]: Setting remote socket options (FD=1204)
2022.06.09 15:47:19 LOG7[18]: Option TCP_NODELAY set on remote socket
2022.06.09 15:47:19 LOG7[18]: Remote descriptor (FD=1204) initialized
2022.06.09 15:47:19 LOG6[18]: SNI: sending servername: outlook.office.com
2022.06.09 15:47:19 LOG6[18]: Peer certificate not required
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): before SSL initialization
2022.06.09 15:47:19 LOG7[18]: Initializing application specific data for session authenticated
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS read server hello
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS write change cipher spec
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS read server hello
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS write change cipher spec
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS read server hello
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): TLSv1.3 read encrypted extensions
2022.06.09 15:47:19 LOG6[17]: Certificate verification disabled
2022.06.09 15:47:19 LOG6[17]: Certificate verification disabled
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS read server certificate
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): TLSv1.3 read server certificate verify
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS read finished
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:19 LOG7[17]: TLS state (connect): SSLv3/TLS write finished
2022.06.09 15:47:19 LOG7[17]: 2 client connect(s) requested
2022.06.09 15:47:19 LOG7[17]: 1 client connect(s) succeeded
2022.06.09 15:47:19 LOG7[17]: 0 client renegotiation(s) requested
2022.06.09 15:47:19 LOG7[17]: 0 session reuse(s)
2022.06.09 15:47:19 LOG6[17]: TLS connected: new session negotiated
2022.06.09 15:47:19 LOG6[17]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2022.06.09 15:47:19 LOG6[17]: Peer temporary key: ECDH, P-384, 384 bits
2022.06.09 15:47:19 LOG7[17]: Compression: null, expansion: null
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS read server hello
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): TLSv1.3 read encrypted extensions
2022.06.09 15:47:19 LOG6[18]: Certificate verification disabled
2022.06.09 15:47:19 LOG6[18]: Certificate verification disabled
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS read server certificate
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): TLSv1.3 read server certificate verify
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS read finished
2022.06.09 15:47:19 LOG7[18]: TLS state (connect): SSLv3/TLS write finished
2022.06.09 15:47:19 LOG7[18]: 2 client connect(s) requested
2022.06.09 15:47:19 LOG7[18]: 2 client connect(s) succeeded
2022.06.09 15:47:19 LOG7[18]: 0 client renegotiation(s) requested
2022.06.09 15:47:19 LOG7[18]: 0 session reuse(s)
2022.06.09 15:47:19 LOG6[18]: TLS connected: new session negotiated
2022.06.09 15:47:19 LOG6[18]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2022.06.09 15:47:19 LOG6[18]: Peer temporary key: ECDH, P-384, 384 bits
2022.06.09 15:47:19 LOG7[18]: Compression: null, expansion: null
2022.06.09 15:47:20 LOG7[17]: TLS state (connect): SSL negotiation finished successfully
2022.06.09 15:47:20 LOG7[17]: TLS state (connect): SSL negotiation finished successfully
2022.06.09 15:47:20 LOG7[17]: Initializing application specific data for session authenticated
2022.06.09 15:47:20 LOG7[17]: Deallocating application specific data for session connect address
2022.06.09 15:47:20 LOG7[17]: New session callback
2022.06.09 15:47:20 LOG7[17]: Peer certificate was cached (4822 bytes)
2022.06.09 15:47:20 LOG6[17]: Session id: 8C30BA078B16527A627B472B16BD94469EF8EF2C2B3DC4DE83C9E9DD0454AE89
2022.06.09 15:47:20 LOG7[17]: TLS state (connect): SSLv3/TLS read server session ticket
2022.06.09 15:47:20 LOG7[17]: Remove session callback
2022.06.09 15:47:20 LOG7[17]: TLS alert (write): fatal: decode error
2022.06.09 15:47:20 LOG3[17]: SSL_read: ssl/record/rec_layer_s3.c:308: error:0A000126:SSL routines::unexpected eof while reading
2022.06.09 15:47:20 LOG5[17]: Connection reset: 517 byte(s) sent to TLS, 505 byte(s) sent to socket
2022.06.09 15:47:20 LOG7[17]: Remote descriptor (FD=1596) closed
2022.06.09 15:47:20 LOG7[17]: Local descriptor (FD=1624) closed
2022.06.09 15:47:20 LOG7[17]: Service [O365] finished (1 left)
2022.06.09 15:47:20 LOG7[main]: Found 1 ready file descriptor(s)
2022.06.09 15:47:20 LOG7[main]: FD=604 ifds=r-x ofds=---
2022.06.09 15:47:20 LOG7[main]: FD=1580 ifds=r-x ofds=r--
2022.06.09 15:47:20 LOG7[main]: Service [O365] accepted (FD=1132) from 192.168.0.200:55383
2022.06.09 15:47:20 LOG7[main]: Creating a new thread
2022.06.09 15:47:20 LOG7[main]: New thread created
2022.06.09 15:47:20 LOG7[19]: Service [O365] started
2022.06.09 15:47:20 LOG7[19]: Setting local socket options (FD=1132)
2022.06.09 15:47:20 LOG7[19]: Option TCP_NODELAY set on local socket
2022.06.09 15:47:20 LOG5[19]: Service [O365] accepted connection from 192.168.0.200:55383
2022.06.09 15:47:20 LOG6[19]: failover: priority, starting at entry #0
2022.06.09 15:47:20 LOG6[19]: s_connect: connecting 52.98.152.162:443
2022.06.09 15:47:20 LOG7[19]: s_connect: s_poll_wait 52.98.152.162:443: waiting 10 seconds
2022.06.09 15:47:20 LOG7[19]: FD=848 ifds=rwx ofds=---
2022.06.09 15:47:20 LOG7[18]: TLS state (connect): SSL negotiation finished successfully
2022.06.09 15:47:20 LOG7[18]: TLS state (connect): SSL negotiation finished successfully
2022.06.09 15:47:20 LOG7[18]: Initializing application specific data for session authenticated
2022.06.09 15:47:20 LOG7[18]: Deallocating application specific data for session connect address
2022.06.09 15:47:20 LOG7[18]: New session callback
2022.06.09 15:47:20 LOG7[18]: Deallocating application specific data for session connect address
2022.06.09 15:47:20 LOG6[18]: Session id: 052BDBEAEF57DAF30820ADD1223A0C800EC7C7FBEFC8D6ECAAA50A67383A26F8
2022.06.09 15:47:20 LOG7[18]: TLS state (connect): SSLv3/TLS read server session ticket
2022.06.09 15:47:20 LOG7[18]: Remove session callback
2022.06.09 15:47:20 LOG7[18]: TLS alert (write): fatal: decode error
2022.06.09 15:47:20 LOG3[18]: SSL_read: ssl/record/rec_layer_s3.c:308: error:0A000126:SSL routines::unexpected eof while reading
2022.06.09 15:47:20 LOG5[18]: Connection reset: 517 byte(s) sent to TLS, 505 byte(s) sent to socket
2022.06.09 15:47:20 LOG7[18]: Remote descriptor (FD=1204) closed
2022.06.09 15:47:20 LOG7[18]: Local descriptor (FD=1608) closed
2022.06.09 15:47:20 LOG7[18]: Service [O365] finished (1 left)
2022.06.09 15:47:20 LOG7[main]: Found 1 ready file descriptor(s)
2022.06.09 15:47:20 LOG7[main]: FD=604 ifds=r-x ofds=---
2022.06.09 15:47:20 LOG7[main]: FD=1580 ifds=r-x ofds=r--
2022.06.09 15:47:20 LOG7[main]: Service [O365] accepted (FD=844) from 192.168.0.200:55384
2022.06.09 15:47:20 LOG7[main]: Creating a new thread
2022.06.09 15:47:20 LOG7[main]: New thread created
2022.06.09 15:47:20 LOG7[20]: Service [O365] started
2022.06.09 15:47:20 LOG7[20]: Setting local socket options (FD=844)
2022.06.09 15:47:20 LOG7[20]: Option TCP_NODELAY set on local socket
2022.06.09 15:47:20 LOG5[20]: Service [O365] accepted connection from 192.168.0.200:55384
2022.06.09 15:47:20 LOG6[20]: failover: priority, starting at entry #0
2022.06.09 15:47:20 LOG6[20]: s_connect: connecting 52.98.152.162:443
2022.06.09 15:47:20 LOG7[20]: s_connect: s_poll_wait 52.98.152.162:443: waiting 10 seconds
2022.06.09 15:47:20 LOG7[20]: FD=1120 ifds=rwx ofds=---
2022.06.09 15:47:20 LOG5[19]: s_connect: connected 52.98.152.162:443
2022.06.09 15:47:20 LOG5[19]: Service [O365] connected remote server from 10.57.2.17:57849
2022.06.09 15:47:20 LOG7[19]: Setting remote socket options (FD=848)
2022.06.09 15:47:20 LOG7[19]: Option TCP_NODELAY set on remote socket
2022.06.09 15:47:20 LOG7[19]: Remote descriptor (FD=848) initialized
2022.06.09 15:47:20 LOG6[19]: SNI: sending servername: outlook.office.com
2022.06.09 15:47:20 LOG6[19]: Peer certificate not required
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): before SSL initialization
2022.06.09 15:47:20 LOG7[19]: Initializing application specific data for session authenticated
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:20 LOG5[20]: s_connect: connected 52.98.152.162:443
2022.06.09 15:47:20 LOG5[20]: Service [O365] connected remote server from 10.57.2.17:57850
2022.06.09 15:47:20 LOG7[20]: Setting remote socket options (FD=1120)
2022.06.09 15:47:20 LOG7[20]: Option TCP_NODELAY set on remote socket
2022.06.09 15:47:20 LOG7[20]: Remote descriptor (FD=1120) initialized
2022.06.09 15:47:20 LOG6[20]: SNI: sending servername: outlook.office.com
2022.06.09 15:47:20 LOG6[20]: Peer certificate not required
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): before SSL initialization
2022.06.09 15:47:20 LOG7[20]: Initializing application specific data for session authenticated
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS read server hello
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS write change cipher spec
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS read server hello
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS write change cipher spec
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS write client hello
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS read server hello
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): TLSv1.3 read encrypted extensions
2022.06.09 15:47:20 LOG6[19]: Certificate verification disabled
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS read server hello
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): TLSv1.3 read encrypted extensions
2022.06.09 15:47:20 LOG6[19]: Certificate verification disabled
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS read server certificate
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): TLSv1.3 read server certificate verify
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS read finished
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS write finished
2022.06.09 15:47:20 LOG7[19]: 4 client connect(s) requested
2022.06.09 15:47:20 LOG7[19]: 3 client connect(s) succeeded
2022.06.09 15:47:20 LOG7[19]: 0 client renegotiation(s) requested
2022.06.09 15:47:20 LOG7[19]: 0 session reuse(s)
2022.06.09 15:47:20 LOG6[19]: TLS connected: new session negotiated
2022.06.09 15:47:20 LOG6[19]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2022.06.09 15:47:20 LOG6[19]: Peer temporary key: ECDH, P-384, 384 bits
2022.06.09 15:47:20 LOG7[19]: Compression: null, expansion: null
2022.06.09 15:47:20 LOG6[20]: Certificate verification disabled
2022.06.09 15:47:20 LOG6[20]: Certificate verification disabled
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS read server certificate
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): TLSv1.3 read server certificate verify
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS read finished
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS write finished
2022.06.09 15:47:20 LOG7[20]: 4 client connect(s) requested
2022.06.09 15:47:20 LOG7[20]: 4 client connect(s) succeeded
2022.06.09 15:47:20 LOG7[20]: 0 client renegotiation(s) requested
2022.06.09 15:47:20 LOG7[20]: 0 session reuse(s)
2022.06.09 15:47:20 LOG6[20]: TLS connected: new session negotiated
2022.06.09 15:47:20 LOG6[20]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption)
2022.06.09 15:47:20 LOG6[20]: Peer temporary key: ECDH, P-384, 384 bits
2022.06.09 15:47:20 LOG7[20]: Compression: null, expansion: null
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSL negotiation finished successfully
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSL negotiation finished successfully
2022.06.09 15:47:20 LOG7[19]: Initializing application specific data for session authenticated
2022.06.09 15:47:20 LOG7[19]: Deallocating application specific data for session connect address
2022.06.09 15:47:20 LOG7[19]: New session callback
2022.06.09 15:47:20 LOG7[19]: Deallocating application specific data for session connect address
2022.06.09 15:47:20 LOG6[19]: Session id: 3E857D78696F2321EDEE2F622CDB1A050B70B915FB7A6DD37C5DE86EC311534F
2022.06.09 15:47:20 LOG7[19]: TLS state (connect): SSLv3/TLS read server session ticket
2022.06.09 15:47:20 LOG7[19]: Remove session callback
2022.06.09 15:47:20 LOG7[19]: TLS alert (write): fatal: decode error
2022.06.09 15:47:20 LOG3[19]: SSL_read: ssl/record/rec_layer_s3.c:308: error:0A000126:SSL routines::unexpected eof while reading
2022.06.09 15:47:20 LOG5[19]: Connection reset: 517 byte(s) sent to TLS, 505 byte(s) sent to socket
2022.06.09 15:47:20 LOG7[19]: Remote descriptor (FD=848) closed
2022.06.09 15:47:20 LOG7[19]: Local descriptor (FD=1132) closed
2022.06.09 15:47:20 LOG7[19]: Service [O365] finished (1 left)
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSL negotiation finished successfully
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSL negotiation finished successfully
2022.06.09 15:47:20 LOG7[20]: Initializing application specific data for session authenticated
2022.06.09 15:47:20 LOG7[20]: Deallocating application specific data for session connect address
2022.06.09 15:47:20 LOG7[20]: New session callback
2022.06.09 15:47:20 LOG7[20]: Deallocating application specific data for session connect address
2022.06.09 15:47:20 LOG6[20]: Session id: E65F2E71C3EF8E156FA8FAEB5AD445887573D80ED9889F65524514A6ABC02D99
2022.06.09 15:47:20 LOG7[20]: TLS state (connect): SSLv3/TLS read server session ticket
2022.06.09 15:47:20 LOG7[20]: Remove session callback
2022.06.09 15:47:20 LOG7[20]: TLS alert (write): fatal: decode error
2022.06.09 15:47:20 LOG3[20]: SSL_read: ssl/record/rec_layer_s3.c:308: error:0A000126:SSL routines::unexpected eof while reading
2022.06.09 15:47:20 LOG5[20]: Connection reset: 517 byte(s) sent to TLS, 505 byte(s) sent to socket
2022.06.09 15:47:20 LOG7[20]: Remote descriptor (FD=1120) closed
2022.06.09 15:47:20 LOG7[20]: Local descriptor (FD=844) closed
2022.06.09 15:47:20 LOG7[20]: Service [O365] finished (0 left)
Do you have any ideas?
_______________________________________________
stunnel-users mailing list -- stunnel-users@stunnel.org
To unsubscribe send an email to stunnel-users-leave@stunnel.org