Hi all, Need your help.

 

When I configured the Stunnel without the Engine LunaCA3 (product from SafeNet), everything worked fine. After add the global option with the engine:

engine=LunaCA3

    engineCtrl=SO_PATH:/usr/local/ssl/lib/engines/liblunaca3.so

 

I got the following error. I also searched previous engine issues and saw someone else with the similar issues. Hope that the issue was resolved.

 

The Stunnel and the open SSL info: stunnel 5.20 on x86_64 Linux. Compiled/running with OpenSSL 1.0.1i-fips. The setting is for server with sslVersion = TLSv1 and ciphers = AES128-SHA.

 

 

2015.09.08 11:11:01 LOG7[0]: SSL state (accept): SSLv3 read client certificate A

2015.09.08 11:11:01 LOG7[0]: SSL state (accept): SSLv3 read client key exchange A

2015.09.08 11:11:01 LOG7[0]: SSL state (accept): SSLv3 read certificate verify A

2015.09.08 11:11:01 LOG7[0]: SSL alert (write): fatal: bad record mac

2015.09.08 11:11:01 LOG3[0]: SSL_accept: 1408F119: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac

2015.09.08 11:11:01 LOG5[0]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket

2015.09.08 11:11:01 LOG7[0]: Deallocating application specific data for addr index

2015.09.08 11:11:01 LOG7[0]: Local socket (FD=3) closed

 

Any help and info are greatly appreciated!!

 

Thanks

 

Ann Donne

 

This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.