I should also point out that the cipher suite is related to openssl version stunnel is compiled with. Again, we had customers that connected with TLSv1.3 and then could not negotiate a cipher suite ... leading to lost connection. Make sure you update openssl first -- then compile stunnel. Eric

Eric S Eberhard VICS (Vertical Integrated Computer Systems) Voice: 928 567 3529 Cell : 928 301 7537 (not reliable except for text or if not home) 2933 W Middle Verde Rd Camp Verde, AZ 86322

-----Original Message----- From: stunnel-users [mailto:stunnel-users-bounces@stunnel.org] On Behalf Of Javier Sent: Monday, July 09, 2018 9:55 AM To: stunnel-users@stunnel.org Subject: Re: [stunnel-users] [EXTERNAL] Re: Stunnel connection issue?

On Mon, 9 Jul 2018 12:26:08 +0000 Daniel Trickett daniel.trickett@emdmillipore.com wrote:

Will,

I was told to ignore the SSLv3 stuff in the log. I have options set to allow only TLS1.2 and still see SSLv3 references in the log.

Best regards,

Dan

Hi,

in fact, the version can be disclosed from following lines in the log, where is told the cipher used, but not where you usually look:

LOG6[1]: TLSv(1-1.1-1.2-1.3-whatever) ciphersuite: (whatever)

Regards.

_______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users