Hello
I realized that the latest RHEL6 updates including stunnel-4.29-3.el6_6.1 break our Stunnel connections!
We are forced to go back to previous version stunnel-4.29-3.el6_4 in order to have the systems running again, and blocking Stunnel updates in /etc/yum.conf for the moment.
Our typical client config and server configs are as follows:
Client (5.08): ********** client = yes compression = zlib sslversion = TLSv1 delay = yes debug = 7 taskbar = yes
cert = my.pem
[abas_ssh] accept = 127.0.30.10:5303 connect = firewall.client.dom:5303
Server, xinetd.d: ************* service stunnel_ssh { disable = no socket_type = stream instances = UNLIMITED per_source = UNLIMITED wait = no user = root server = /usr/bin/stunnel server_args = /etc/stunnel/stunnel_ssh.conf log_on_success += HOST DURATION log_on_failure += HOST }
Server, stunnel_ssh.conf **************** cert = /support/stunnel/cert/server.pem CApath = / support /stunnel/hash/ verify = 3 debug = 7 connect = 192.168.1.100:22
The error thrown is something like: Dec 17 17:30:23 srvabas stunnel: LOG3[3385:140171595282368]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
What are we missing? Do we need to change the configuration?
Any help is highly appreciated.
Kind regards H.U.Flueck