Getting closer. I now get-
[van@mailserver ]$ sudo stunnel /usr/local/etc/stunnel/stunnel.conf localhost:ipop3
2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ local/etc/stunnel/mail.pem 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ local/etc/stunnel/mail.pem 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ local/etc/stunnel/mail.pem
But that doesn't make sense to me. mail.pem permissions are the same as my cert's and it works fine.
[van@mailserver change_passwd]$ ls -al /usr/local/etc/stunnel/mail.pem -rw-r--r-- 1 root root 2942 Jun 20 18:21 /usr/local/etc/stunnel/ mail.pem
[van@mailserver change_passwd]$ ls -al /etc/httpd/certs/www.crt -rw-r--r-- 1 root root 1074 Jun 1 12:30 /etc/httpd/certs/www.crt
Is the error misleading? Or what should the mail.pem perms be?
Van
On Jun 20, 2007, at 9:33 PM, Kevin Cook wrote:
If you are using a stunnel.conf file, I would replace the '-d pop3s -r' with the absolute path to the .conf file:
sudo /usr/local/sbin/stunnel /usr/local/etc/stunnel/stunnel.conf
I believe command line options were typically used more in older versions, but now all configuration is done in the configuration file.
Kevin
-----Original Message----- From: Van [mailto:vanyel@medusa.bioc.aecom.yu.edu] Sent: Wednesday, June 20, 2007 6:03 PM To: stunnel-users@mirt.net Subject: [stunnel-users] Trying to get stunnel to work for forwarding pop3sto ipop3 port
Hello,
This is my introduction to stunnel. I've inherited control of a pop3 and imap server running Red Hat Linux 4 that I want to access via pop3s and imaps. I'm starting out with securing the pop3 since most users are using it.
I downloaded stunnel 4.20 and compiled it according to the instructions on stunnel.org.
I read the certificates section of the site and made a new .pem file that I named mail.pem and have in the /usr/local/etc/stunnel/ directory that /usr/local/etc/stunnel/stunnel.conf asks for. But when I try to run stunnel like in the Examples section I get :
[van@mailserver ~]$ sudo /usr/local/sbin/stunnel -d pop3s -r localhost:ipop3 2007.06.20 17:59:54 LOG3[25516:3086419648]: -d: No such file or directory (2) Syntax: stunnel [<filename>] ] -fd <n> | -help | -version | -sockets <filename> - use specified config file instead of /usr/local/ etc/stunnel/stunnel.conf -fd <n> - read the config file from a file descriptor -help - get config file help -version - display version and defaults -sockets - display default socket options
I'm a little lost here. Never dealt with a .pem file before stunnel. I have a self-signed cert I'm successfully using for https webmail on the server and guessing stunnel couldn't see that, I appended my file 'mailserver.crt' into my mail.pem file and edited stunnel.conf so it has
;CAfile = /usr/local/etc/stunnel/certs.pem CAfile = /usr/local/etc/stunnel/mail.pem
but no dice. Same result.
Trying to debug, I find 'stunnel -V' also gives the same result.
Can someone point out what's going wrong?
-Van _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
I did a simple search on Google for "stunnel Wrong permissions on" and followed the very first link:
http://ipucu.enderunix.org/view.php?id=973&lang=en
"Wrong permissions on /usr/local/etc/stunnel/stunnel.pem" - Ýsmail Yenigül - (2006-03-07 19:12:40) [1934]
if you get this error message issue the following command to fix the permission.
# chmod 600 /usr/local/etc/stunnel/stunnel.pem
HTH. Regards.
On Thu, 2007-06-21 at 12:23 -0400, Van wrote:
Getting closer. I now get-
[van@mailserver ]$ sudo stunnel /usr/local/etc/stunnel/stunnel.conf localhost:ipop3
2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ local/etc/stunnel/mail.pem 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ local/etc/stunnel/mail.pem 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/ local/etc/stunnel/mail.pem
But that doesn't make sense to me. mail.pem permissions are the same as my cert's and it works fine.
[van@mailserver change_passwd]$ ls -al /usr/local/etc/stunnel/mail.pem -rw-r--r-- 1 root root 2942 Jun 20 18:21 /usr/local/etc/stunnel/ mail.pem
[van@mailserver change_passwd]$ ls -al /etc/httpd/certs/www.crt -rw-r--r-- 1 root root 1074 Jun 1 12:30 /etc/httpd/certs/www.crt
Is the error misleading? Or what should the mail.pem perms be?
Van
On Jun 20, 2007, at 9:33 PM, Kevin Cook wrote:
If you are using a stunnel.conf file, I would replace the '-d pop3s -r' with the absolute path to the .conf file:
sudo /usr/local/sbin/stunnel /usr/local/etc/stunnel/stunnel.conf
I believe command line options were typically used more in older versions, but now all configuration is done in the configuration file.
Kevin
-----Original Message----- From: Van [mailto:vanyel@medusa.bioc.aecom.yu.edu] Sent: Wednesday, June 20, 2007 6:03 PM To: stunnel-users@mirt.net Subject: [stunnel-users] Trying to get stunnel to work for forwarding pop3sto ipop3 port
Hello,
This is my introduction to stunnel. I've inherited control of a pop3 and imap server running Red Hat Linux 4 that I want to access via pop3s and imaps. I'm starting out with securing the pop3 since most users are using it.
I downloaded stunnel 4.20 and compiled it according to the instructions on stunnel.org.
I read the certificates section of the site and made a new .pem file that I named mail.pem and have in the /usr/local/etc/stunnel/ directory that /usr/local/etc/stunnel/stunnel.conf asks for. But when I try to run stunnel like in the Examples section I get :
[van@mailserver ~]$ sudo /usr/local/sbin/stunnel -d pop3s -r localhost:ipop3 2007.06.20 17:59:54 LOG3[25516:3086419648]: -d: No such file or directory (2) Syntax: stunnel [<filename>] ] -fd <n> | -help | -version | -sockets <filename> - use specified config file instead of /usr/local/ etc/stunnel/stunnel.conf -fd <n> - read the config file from a file descriptor -help - get config file help -version - display version and defaults -sockets - display default socket options
I'm a little lost here. Never dealt with a .pem file before stunnel. I have a self-signed cert I'm successfully using for https webmail on the server and guessing stunnel couldn't see that, I appended my file 'mailserver.crt' into my mail.pem file and edited stunnel.conf so it has
;CAfile = /usr/local/etc/stunnel/certs.pem CAfile = /usr/local/etc/stunnel/mail.pem
but no dice. Same result.
Trying to debug, I find 'stunnel -V' also gives the same result.
Can someone point out what's going wrong?
-Van _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
Thanks Gonz. That seems to be all that was needed.
- Van
On Jun 21, 2007, at 12:53 PM, Gonzalo Diethelm wrote:
I did a simple search on Google for "stunnel Wrong permissions on" and followed the very first link:
http://ipucu.enderunix.org/view.php?id=973&lang=en
"Wrong permissions on /usr/local/etc/stunnel/stunnel.pem" - Ýsmail Yenigül - (2006-03-07 19:12:40) [1934]
if you get this error message issue the following command to fix the permission.
# chmod 600 /usr/local/etc/stunnel/stunnel.pem
HTH. Regards.
On Thu, 2007-06-21 at 12:23 -0400, Van wrote:
Getting closer. I now get-
[van@mailserver ]$ sudo stunnel /usr/local/etc/stunnel/stunnel.conf localhost:ipop3
2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on / usr/ local/etc/stunnel/mail.pem 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on / usr/ local/etc/stunnel/mail.pem 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on / usr/ local/etc/stunnel/mail.pem
But that doesn't make sense to me. mail.pem permissions are the same as my cert's and it works fine.
[van@mailserver change_passwd]$ ls -al /usr/local/etc/stunnel/ mail.pem -rw-r--r-- 1 root root 2942 Jun 20 18:21 /usr/local/etc/stunnel/ mail.pem
[van@mailserver change_passwd]$ ls -al /etc/httpd/certs/www.crt -rw-r--r-- 1 root root 1074 Jun 1 12:30 /etc/httpd/certs/www.crt
Is the error misleading? Or what should the mail.pem perms be?
Van
On Jun 20, 2007, at 9:33 PM, Kevin Cook wrote:
If you are using a stunnel.conf file, I would replace the '-d pop3s -r' with the absolute path to the .conf file:
sudo /usr/local/sbin/stunnel /usr/local/etc/stunnel/stunnel.conf
I believe command line options were typically used more in older versions, but now all configuration is done in the configuration
file.
Kevin
-----Original Message----- From: Van [mailto:vanyel@medusa.bioc.aecom.yu.edu] Sent: Wednesday, June 20, 2007 6:03 PM To: stunnel-users@mirt.net Subject: [stunnel-users] Trying to get stunnel to work for
forwarding
pop3sto ipop3 port
Hello,
This is my introduction to stunnel. I've inherited control of a pop3 and imap server running Red Hat Linux 4 that I want to access via pop3s and imaps. I'm starting out with securing the pop3 since most users are using it.
I downloaded stunnel 4.20 and compiled it according to the instructions on stunnel.org.
I read the certificates section of the site and made a new .pem
file
that I named mail.pem and have in the /usr/local/etc/stunnel/ directory that /usr/local/etc/stunnel/stunnel.conf asks for. But when I
try to
run stunnel like in the Examples section I get :
[van@mailserver ~]$ sudo /usr/local/sbin/stunnel -d pop3s -r localhost:ipop3 2007.06.20 17:59:54 LOG3[25516:3086419648]: -d: No such file or directory (2) Syntax: stunnel [<filename>] ] -fd <n> | -help | -version | -sockets <filename> - use specified config file instead of /usr/local/ etc/stunnel/stunnel.conf -fd <n> - read the config file from a file descriptor -help - get config file help -version - display version and defaults -sockets - display default socket options
I'm a little lost here. Never dealt with a .pem file before
stunnel.
I have a self-signed cert I'm successfully using for https
webmail on
the server and guessing stunnel couldn't see that, I appended my
file
'mailserver.crt' into my mail.pem file and edited stunnel.conf
so it
has
;CAfile = /usr/local/etc/stunnel/certs.pem CAfile = /usr/local/etc/stunnel/mail.pem
but no dice. Same result.
Trying to debug, I find 'stunnel -V' also gives the same result.
Can someone point out what's going wrong?
-Van _______________________________________________ stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
stunnel-users mailing list stunnel-users@mirt.net http://stunnel.mirt.net/mailman/listinfo/stunnel-users
-- Gonzalo Diethelm gonzalo.diethelm@diethelm.org
-
Gonzalo Diethelm -
Van