I have downloaded the remote certificates, and configured stunnel:

client = no

accept = 127.0.0.1:9400

connect = 192.111.85.171:9400

cert = C:\Certificates\gain-futures-chain.pem

verifyChain = yes

verifyPeer = yes

checkHost = 192.111.85.171

checkIP = api.gainfutures.com

sslVersion = TLSv1.1

options = NO_SSLv2

options = NO_SSLv3

OCSPaia = yes

This results in the failure to initialize the tLS context:

2024.07.15 08:40:50 LOG7[service]: Found 1 ready file descriptor(s)

2024.07.15 08:40:50 LOG7[service]: FD=580 ifds=r-x ofds=r--

2024.07.15 08:40:50 LOG7[service]: FD=640 ifds=r-x ofds=---

2024.07.15 08:40:50 LOG7[service]: Dispatching a signal from the signal pipe

2024.07.15 08:40:50 LOG7[service]: Processing SIGNAL_RELOAD_CONFIG

2024.07.15 08:40:50 LOG6[service]: Initializing inetd mode configuration

2024.07.15 08:40:50 LOG7[service]: Running on Windows 6.2

2024.07.15 08:40:50 LOG5[service]: Reading configuration from file C:\Program Files (x86)\stunnel\config\stunnel.conf

2024.07.15 08:40:50 LOG5[service]: UTF-8 byte order mark not detected

2024.07.15 08:40:50 LOG5[service]: FIPS mode disabled

2024.07.15 08:40:50 LOG6[service]: Compression disabled

2024.07.15 08:40:50 LOG7[service]: No PRNG seeding was required

2024.07.15 08:40:50 LOG6[service]: Initializing service [GainFuturesConnect]

2024.07.15 08:40:50 LOG7[service]: Initializing context [GainFuturesConnect]

2024.07.15 08:40:50 LOG6[service]: OpenSSL security level is used: 2

2024.07.15 08:40:50 LOG7[service]: Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK

2024.07.15 08:40:50 LOG7[service]: TLSv1.3 ciphersuites: TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256

2024.07.15 08:40:50 LOG7[service]: TLS options: 0x2100000 (+0x2000000, -0x0)

2024.07.15 08:40:50 LOG6[service]: Session resumption enabled

2024.07.15 08:40:50 LOG6[service]: Loading certificate from file: C:\Certificates\gain-futures-chain.pem

2024.07.15 08:40:50 LOG3[service]: error queue: ssl/ssl_rsa.c:472: error:0A080002:SSL routines::system lib

2024.07.15 08:40:50 LOG3[service]: error queue: crypto/bio/bss_file.c:300: error:10080002:BIO routines::system lib

2024.07.15 08:40:50 LOG3[service]: SSL_CTX_use_certificate_chain_file: crypto/bio/bss_file.c:297: error:80000002:system library::No such file or directory

2024.07.15 08:40:50 LOG3[service]: Service [GainFuturesConnect]: Failed to initialize TLS context

2024.07.15 08:40:50 LOG3[service]: Configuration failed

2024.07.15 08:40:50 LOG7[service]: Deallocating temporary section defaults

2024.07.15 08:40:50 LOG7[service]: Cleaning up context [(null)]

2024.07.15 08:40:50 LOG7[service]: Deallocating section [GainFuturesConnect]

2024.07.15 08:40:50 LOG7[service]: Cleaning up context [GainFuturesConnect]

2024.07.15 08:40:50 LOG3[service]: Failed to reload the configuration file

This is the best I can gather regarding getting verification of the REMOTE certificate. The problem is that I am unable to connect if I cannot verify their certificate - they are not looking at my certificate.

Any help would be appreciated.

Thank you!

-William Wood