Hi All
I'm running stunnel on Windows Server 2012 R2 with the following config:
[test-qa] client = yes accept = 127.0.0.1:8080 connect = webaddress.com:443 cert = API-q-response.pfx CAfile = ca-certs.pem OCSPaia = yes
When I start the GUI I'm prompted for the certificate password then and then stunnel works fine, but I need it to run as a service. I've tried using the start menu stunnel Service Install button, I've also tried opening a command prompt in C:\Program Files (x86)\stunnel\config and running C:\Program Files (x86)\stunnel\bin\stunnel.exe -install, and I've also tried moving the config file and certs to the \bin directory and running stunnel -install there as well.
In all case the service installs ok, and when you run it, it starts (I can see it in the services tool), you can click the stunnel Configuration File Reload button in the start menu and it says the configuration was successfully reloaded, but it doesn't work when I try to use it. I've noticed two things that might be relevant:
1. At no point does it prompt me for the certificate password like it does when I load the GUI
2. The dialog boxes that open when the service is installed or started say "stunnel 5.40 on Win32 (not configured)
[cid:image001.png@01D2B81E.BD3E6BC0]
If anyone has any advice that would be greatly appreciated.
Thanks Adam
I think your problem is the password. Stunnel works fine as a service in Windows Server 2012R2, but there is no connection I am aware of between an interactive session and the service program. You might try modifying the start up command to include piping in the password from a file (which, of course, defeats the purpose of the password) to see if that is the issue.
I have found the delayed start option on the service sometimes works better to more sure any needed network services like dhcp are up and running before stunnel.
Good luck.
Carter
On 4/18/2017 3:36 AM, Adam Shackleton wrote:
Hi All
I’m running stunnel on Windows Server 2012 R2 with the following config:
[test-qa]
client = yes
accept = 127.0.0.1:8080
connect = webaddress.com:443
cert = API-q-response.pfx
CAfile = ca-certs.pem
OCSPaia = yes
When I start the GUI I’m prompted for the certificate password then and then stunnel works fine, but I need it to run as a service. I’ve tried using the start menu stunnel Service Install button, I’ve also tried opening a command prompt in C:\Program Files (x86)\stunnel\config and running C:\Program Files (x86)\stunnel\bin\stunnel.exe –install, and I’ve also tried moving the config file and certs to the \bin directory and running stunnel –install there as well.
In all case the service installs ok, and when you run it, it starts (I can see it in the services tool), you can click the stunnel Configuration File Reload button in the start menu and it says the configuration was successfully reloaded, but it doesn’t work when I try to use it. I’ve noticed two things that might be relevant:
1.At no point does it prompt me for the certificate password like it does when I load the GUI
2.The dialog boxes that open when the service is installed or started say “stunnel 5.40 on Win32 (not configured)
If anyone has any advice that would be greatly appreciated.
Thanks
Adam
stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users