Hello,
I am facing the below difficulties while using a stunnel for CA File as TLS Server. -- TLS Server running in Windows -- Use of CA File -- Cipher use from client is: -- ciphers = ECDHE-ECDSA-AES256-GCM-SHA384
21.07.20 23:38:32 LOG7[11]: Decrypt session ticket callback 2021.07.20 23:38:32 LOG7[11]: Initializing application specific data for session authenticated 2021.07.20 23:38:32 LOG7[11]: SNI: no virtual services defined 2021.07.20 23:38:32 LOG7[11]: TLS alert (write): fatal: handshake failure 2021.07.20 23:38:32 LOG3[11]: SSL_accept: ssl/statem/statem_srvr.c:2283: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher 2021.07.20 23:38:32 LOG5[11]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2021.07.20 23:38:32 LOG7[11]: Deallocating application specific data for session connect address 2021.07.20 23:38:32 LOG7[11]: Local descriptor (FD=1000) closed 2021.07.20 23:38:32 LOG7[11]: Service [Server] finished (0 left)
If this cipher is removed, this validation is passed. Is this cipher not supported? Stunnel version is 5.59. Even if verifypeer is disabled, there is no gain.
Conf file: [Server] accept = 443 connect = 8888 sslVersion = TLSv1.2 ciphers = ECDHE-ECDSA-AES256-GCM-SHA384 verifyChain = no ;verifyPeer = no ;verify = 1 CAfile = xyz.crt cert = xyz.crt key = key.pem options = NO_SSLv2 options = NO_SSLv3 debug = 7