I’m trying to create a FIX application that interfaces with ICE using Stunnel to provide encryption.
I’m encountering a handshake failure trying to interface with the FIX application.
I’ve copies portions of the Stunnel configuration file as well as the entire FIX configuration file below.
Can you do a quick review of the two configuration files and tell me what I’m doing wrong?
Both FIX and Stunnel are running on the same Windows 10 virtual pc.
*** Stunnel ERRORS with accept set to 127.0.0.1:83 ***
2023.02.21 20:07:13 LOG5[main]: stunnel 5.68 on x64-pc-mingw32-gnu platform
2023.02.21 20:07:13 LOG5[main]: Compiled/running with OpenSSL 3.0.8 7 Feb 2023
2023.02.21 20:07:13 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
2023.02.21 20:07:13 LOG5[main]: Reading configuration from file C:\Program Files (x86)\stunnel\config\stunnel.conf
2023.02.21 20:07:13 LOG5[main]: UTF-8 byte order mark detected
2023.02.21 20:07:13 LOG5[main]: FIPS mode disabled
2023.02.21 20:07:13 LOG3[main]: No trusted certificates found
2023.02.21 20:07:13 LOG5[main]: Configuration successful
2023.02.21 20:07:25 LOG5[0]: Service [fix_initiator_session1_tunnel] accepted connection from 127.0.0.1:62314
2023.02.21 20:07:25 LOG5[0]: s_connect: connected 63.247.113.201:443
2023.02.21 20:07:25 LOG5[0]: Service [fix_initiator_session1_tunnel] connected remote server from 192.168.1.219:62315
2023.02.21 20:07:25 LOG3[0]: SSL_connect: ssl/record/rec_layer_s3.c:1605: error:0A000410:SSL routines::sslv3 alert handshake failure
2023.02.21 20:07:25 LOG5[0]: Connection closed/reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
2023.02.21 20:07:26 LOG5[1]: Service [fix_initiator_session1_tunnel] accepted connection from 127.0.0.1:62316
2023.02.21 20:07:26 LOG5[1]: s_connect: connected 63.247.113.201:443
2023.02.21 20:07:26 LOG5[1]: Service [fix_initiator_session1_tunnel] connected remote server from 192.168.1.219:62317
2023.02.21 20:07:26 LOG3[1]: SSL_connect: ssl/record/rec_layer_s3.c:1605: error:0A000410:SSL routines::sslv3 alert handshake failure
2023.02.21 20:07:26 LOG5[1]: Connection closed/reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
*** FIX ERRORS with accept set to 127.0.0.1:49200 ***
Same errors in stunnel, but (Socket Error: An existing connection was forcibly closed by the remote host.) in FIX Application
*** Stunnel configuration ***
[fix_initiator_session1_tunnel]
client = yes
accept = 127.0.0.1:83
connect = 63.247.113.201:443
cert = stunnel.pem
ciphers = PSK
PSKsecrets = psk.txt
*** FIX 4.4 Configuration ***
[DEFAULT]
ConnectionType=initiator
ReconnectInterval=60
FileStorePath=c:\Temp\WebIce_Initiator
FileLogPath=c:\Temp\WebIce_Initiator
StartTime=00:00:00
EndTime=23:59:59
SocketConnectHost=127.0.0.1
SocketConnectPort=83
ResetOnLogon=Y
ResetOnLogout=Y
ResetOnDisconnect=Y
[SESSION]
BeginString=FIX.4.4
SenderCompID=8655
SenderSubID=0921
TargetCompID=ICE
HeartBtInt=30
ValidateFieldsOutOfOrder=N
UseDataDictionary=Y
DataDictionary=C:\Applications\WebIceInitiator_Pub\FIX44.xml
CheckLatency=N
SSLEnable=Y
SSLProtocols=Tls12
SSLValidateCertificates=N
SSLCertificateRevocation=N
SSLCertificate=C:\Applications\WebIceInitiator_Pub\Wildcard.ingsoftware.net.pfx
SSLCertificatePassword=9322
SSLRequireClientCertificate=N
ScreenLogEvents=N
ScreenLogShowIncoming=N
ScreenLogShowOutgoing=N
ScreenLogShowHeartBeats=N