[stunnel-users] Help please.

Hi

I need to enable a tunnel_out for UTL_HTTP from http:// to https://

I installed stunnel 5.34 win32 in a windows 2008 server.

I am including my stunnel.conf y log file (debug=7)

As you can see in the log file, I get this error:

2019.12.01 14:08:12 LOG3[7]: SSL_accept: 1407609C: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request

Could you help me please?

MY stunnel.conf---

debug = 7

output = stunnel.log

[https]

accept = 127.0.0.1:80

connect = sub.dominio.com:443

cert = stunnel.pem

TIMEOUTclose = 0

This version has openssl[cid:b6de9085-07c4-43d0-b772-bb9beb37c2ac]

MY LOG---

2019.12.01 14:00:37 LOG7[cron]: Cron thread initialized 2019.12.01 14:00:37 LOG7[main]: No limit detected for the number of clients 2019.12.01 14:00:37 LOG5[main]: stunnel 5.34 on x86-pc-msvc-1500 platform 2019.12.01 14:00:37 LOG5[main]: Compiled/running with OpenSSL 1.0.2h-fips 3 May 2016 2019.12.01 14:00:37 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI 2019.12.01 14:00:37 LOG7[main]: errno: (*_errno()) 2019.12.01 14:00:37 LOG7[ui]: GUI message loop initialized 2019.12.01 14:00:37 LOG5[main]: Reading configuration from file stunnel.conf 2019.12.01 14:00:37 LOG5[main]: UTF-8 byte order mark detected 2019.12.01 14:00:37 LOG5[main]: FIPS mode disabled 2019.12.01 14:00:37 LOG7[main]: Compression disabled 2019.12.01 14:00:37 LOG7[main]: Snagged 64 random bytes from C:/.rnd 2019.12.01 14:00:37 LOG7[main]: Wrote 1024 new random bytes to C:/.rnd 2019.12.01 14:00:37 LOG7[main]: PRNG seeded successfully 2019.12.01 14:00:37 LOG6[main]: Initializing service [https] 2019.12.01 14:00:38 LOG6[main]: Loading certificate from file: stunnel.pem 2019.12.01 14:00:38 LOG6[main]: Certificate loaded from file: stunnel.pem 2019.12.01 14:00:38 LOG6[main]: Loading private key from file: stunnel.pem 2019.12.01 14:00:38 LOG6[main]: Private key loaded from file: stunnel.pem 2019.12.01 14:00:38 LOG7[main]: Private key check succeeded 2019.12.01 14:00:38 LOG7[main]: DH initialization 2019.12.01 14:00:38 LOG7[main]: Could not load DH parameters from stunnel.pem 2019.12.01 14:00:38 LOG6[main]: Using dynamic DH parameters 2019.12.01 14:00:38 LOG7[main]: ECDH initialization 2019.12.01 14:00:38 LOG7[main]: ECDH initialized with curve prime256v1 2019.12.01 14:00:38 LOG7[main]: SSL options: 0x03004004 (+0x03004000, -0x00000000) 2019.12.01 14:00:38 LOG5[main]: Configuration successful 2019.12.01 14:00:38 LOG7[main]: Listening file descriptor created (FD=352) 2019.12.01 14:00:38 LOG7[main]: Service [https] (FD=352) bound to 127.0.0.1:80 2019.12.01 14:00:59 LOG7[main]: Found 1 ready file descriptor(s) 2019.12.01 14:00:59 LOG7[main]: FD=260 ifds=r-x ofds=r-- 2019.12.01 14:00:59 LOG7[main]: Dispatching signals from the signal pipe 2019.12.01 14:00:59 LOG7[main]: Processing SIGNAL_RELOAD_CONFIG 2019.12.01 14:00:59 LOG5[main]: Reading configuration from file stunnel.conf 2019.12.01 14:00:59 LOG5[main]: UTF-8 byte order mark detected 2019.12.01 14:00:59 LOG5[main]: FIPS mode disabled 2019.12.01 14:00:59 LOG7[main]: Compression disabled 2019.12.01 14:00:59 LOG7[main]: Snagged 64 random bytes from C:/.rnd 2019.12.01 14:00:59 LOG7[main]: Wrote 1024 new random bytes to C:/.rnd 2019.12.01 14:00:59 LOG7[main]: PRNG seeded successfully 2019.12.01 14:00:59 LOG6[main]: Initializing service [https] 2019.12.01 14:00:59 LOG6[main]: Loading certificate from file: stunnel.pem 2019.12.01 14:00:59 LOG6[main]: Certificate loaded from file: stunnel.pem 2019.12.01 14:00:59 LOG6[main]: Loading private key from file: stunnel.pem 2019.12.01 14:00:59 LOG6[main]: Private key loaded from file: stunnel.pem 2019.12.01 14:00:59 LOG7[main]: Private key check succeeded 2019.12.01 14:00:59 LOG7[main]: DH initialization 2019.12.01 14:00:59 LOG7[main]: Could not load DH parameters from stunnel.pem 2019.12.01 14:00:59 LOG6[main]: Using dynamic DH parameters 2019.12.01 14:00:59 LOG7[main]: ECDH initialization 2019.12.01 14:00:59 LOG7[main]: ECDH initialized with curve prime256v1 2019.12.01 14:00:59 LOG7[main]: SSL options: 0x03004004 (+0x03004000, -0x00000000) 2019.12.01 14:00:59 LOG5[main]: Configuration successful 2019.12.01 14:00:59 LOG7[main]: Closing service [https] 2019.12.01 14:00:59 LOG7[main]: Service [https] closed (FD=352) 2019.12.01 14:00:59 LOG7[main]: Service [https] closed 2019.12.01 14:00:59 LOG7[main]: Listening file descriptor created (FD=352) 2019.12.01 14:00:59 LOG7[main]: Service [https] (FD=352) bound to 127.0.0.1:80 2019.12.01 14:00:59 LOG7[main]: Signal pipe is empty 2019.12.01 14:01:37 LOG6[cron]: Executing cron jobs 2019.12.01 14:01:37 LOG5[cron]: Updating DH parameters 2019.12.01 14:01:37 LOG7[main]: Found 1 ready file descriptor(s) 2019.12.01 14:01:37 LOG7[main]: FD=260 ifds=r-x ofds=--- 2019.12.01 14:01:37 LOG7[main]: Service [https] accepted (FD=420) from 127.0.0.1:56581 2019.12.01 14:01:37 LOG7[main]: Creating a new thread 2019.12.01 14:01:37 LOG7[main]: New thread created 2019.12.01 14:01:37 LOG7[0]: Service [https] started 2019.12.01 14:01:37 LOG5[0]: Service [https] accepted connection from 127.0.0.1:56581 2019.12.01 14:01:37 LOG7[0]: SSL state (accept): before/accept initialization 2019.12.01 14:01:37 LOG7[main]: Found 1 ready file descriptor(s) 2019.12.01 14:01:37 LOG7[main]: FD=260 ifds=r-x ofds=--- 2019.12.01 14:01:37 LOG7[main]: Service [https] accepted (FD=440) from 127.0.0.1:56582 2019.12.01 14:01:37 LOG7[main]: Creating a new thread 2019.12.01 14:01:37 LOG7[main]: New thread created 2019.12.01 14:01:37 LOG7[1]: Service [https] started 2019.12.01 14:01:37 LOG5[1]: Service [https] accepted connection from 127.0.0.1:56582 2019.12.01 14:01:37 LOG7[1]: SSL state (accept): before/accept initialization 2019.12.01 14:01:37 LOG3[0]: SSL_accept: 1407609C: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request 2019.12.01 14:01:37 LOG5[0]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket 2019.12.01 14:01:37 LOG7[0]: Local descriptor (FD=420) closed 2019.12.01 14:01:37 LOG7[0]: Service [https] finished (1 left) 2019.12.01 14:01:37 LOG3[1]: SSL_accept: 1407609C: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request 2019.12.01 14:01:37 LOG5[1]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket 2019.12.01 14:01:37 LOG7[1]: Local descriptor (FD=440) closed 2019.12.01 14:01:37 LOG7[1]: Service [https] finished (0 left) 2019.12.01 14:01:37 LOG7[main]: Found 1 ready file descriptor(s) 2019.12.01 14:01:37 LOG7[main]: FD=260 ifds=r-x ofds=--- 2019.12.01 14:01:37 LOG7[main]: Service [https] accepted (FD=448) from 127.0.0.1:56583 2019.12.01 14:01:37 LOG7[main]: Creating a new thread 2019.12.01 14:01:37 LOG7[main]: New thread created 2019.12.01 14:01:37 LOG7[2]: Service [https] started 2019.12.01 14:01:37 LOG5[2]: Service [https] accepted connection from 127.0.0.1:56583 2019.12.01 14:01:37 LOG7[2]: SSL state (accept): before/accept initialization 2019.12.01 14:01:37 LOG3[2]: SSL_accept: 1407609C: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request 2019.12.01 14:01:37 LOG5[2]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket 2019.12.01 14:01:37 LOG7[2]: Local descriptor (FD=448) closed 2019.12.01 14:01:37 LOG7[2]: Service [https] finished (0 left) 2019.12.01 14:01:37 LOG7[main]: Found 1 ready file descriptor(s) 2019.12.01 14:01:37 LOG7[main]: FD=260 ifds=r-x ofds=--- 2019.12.01 14:01:37 LOG7[main]: Service [https] accepted (FD=452) from 127.0.0.1:56584 2019.12.01 14:01:37 LOG7[main]: Creating a new thread 2019.12.01 14:01:37 LOG7[main]: New thread created 2019.12.01 14:01:37 LOG7[3]: Service [https] started 2019.12.01 14:01:37 LOG5[3]: Service [https] accepted connection from 127.0.0.1:56584 2019.12.01 14:01:37 LOG7[3]: SSL state (accept): before/accept initialization 2019.12.01 14:01:37 LOG3[3]: SSL_accept: 1407609C: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request 2019.12.01 14:01:37 LOG5[3]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket 2019.12.01 14:01:37 LOG7[3]: Local descriptor (FD=452) closed 2019.12.01 14:01:37 LOG7[3]: Service [https] finished (0 left)

Thanks in advance.