Hi,
I got VeriSign Test SSL certificate. I have been trying to configure it with STunnel. But there are errors in STunnel. I have placed private key and CA signed certificate in a separate file named 'stunnel.pem'. Root and Intermediate certificates have been placed in following order in a file named 'ca.pem'
stunnel.pem
-----BEGIN RSA PRIVATE KEY----- encrypted key -----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE----- VeriSign signed certificate -----END CERTIFICATE-----
ca.pem -----BEGIN CERTIFICATE----- VeriSign Intermediate CA Certificate -----END CERTIFICATE-----
-----BEGIN CERTIFICATE----- VeriSign Root CA Certificate -----END CERTIFICATE-----
Here is stunnel.conf file.
;key = server.key cert = stunnel.pem
; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1
; Workaround for Eudora bug ;options = DONT_INSERT_EMPTY_FRAGMENTS
; Authentication stuff verify = 2 ; Don't forget to c_rehash CApath ;CApath = certs ; It's often easier to use CAfile CAfile = ca.pem ;CAfile=zosIntermediate.pem ; Don't forget to c_rehash CRLpath ;CRLpath = crls ; Alternatively you can use CRLfile ;CRLfile = crls.pem
; Some debugging stuff useful for troubleshooting ;debug = 7 output = stunnel.log
; Use it for client mode client = no
I have also tried to change order of certificates but nothing is working. Anyone have idea how it can work. Your cooperation will be highly appreciated.
Thanks,
Zubair