Hi,
Well I got it started on VMS and wanted to put it in debug mode, so I shut it down made my changes to the conf file and now well I can't start it with the command procedure.
I even tried the old conf and same thing...
$ @STUNNEL_STARTUP_SERVER Is the private key (in the PEM file) encrypted? [Y/N]: Y Enter the password to decrypt the key (please use paired double quotes with it): ""XXXXXXXXX"" Starting up a Stunnel %RUN-S-PROC_ID, identification of created process is 209FCA70 Stunnel server failed to start up-- check the configuration, etc.
Nothing is logged...
But if I do the following
$ stunnel STUNNEL_SERVER.CONF
And the output to the screen... 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Snagged 64 random bytes from sys$common:[sysmgr].rnd 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Wrote 1024 new random bytes to sys$common:[sysmgr].rnd 2015.04.24 10:35:24 LOG7[547326662:2071228096]: RAND_status claims sufficient entropy for the PRNG 2015.04.24 10:35:24 LOG7[547326662:2071228096]: PRNG seeded successfully 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Certificate: stunnel.pem 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Certificate loaded 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Key file: stunnel.pem Enter PEM pass phrase: 2015.04.24 10:35:31 LOG7[547326662:2071228096]: Private key loaded 2015.04.24 10:35:31 LOG7[547326662:2071228096]: SSL context initialized for service telnet
This is where it sits unless I do a ctrl-c to cancel and get back to the system prompt.
And when I do my telnet session I cannot connect. Well I connect but no prompts for me to login
But now I have log output! :)
2015.04.24 10:08:31 LOG5[547326662:2071228096]: stunnel undefined on vax-openvms with OpenSSL 0.9.8h 28 May 2008 2015.04.24 10:08:31 LOG5[547326662:2071228096]: Threading:PTHREAD Sockets:POLL,IPv4 2015.04.24 10:08:31 LOG6[547326662:2071228096]: file ulimit = 512 (can be changed with 'ulimit -n') 2015.04.24 10:08:31 LOG6[547326662:2071228096]: poll() used - no FD_SETSIZE limit for file descriptors 2015.04.24 10:08:31 LOG5[547326662:2071228096]: 250 clients allowed 2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 5 in non-blocking mode 2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 4 in non-blocking mode 2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 6 in non-blocking mode 2015.04.24 10:08:31 LOG7[547326662:2071228096]: SO_REUSEADDR option set on accept socket 2015.04.24 10:08:31 LOG7[547326662:2071228096]: telnet bound to 0.0.0.0: 2015.04.24 10:15:00 LOG3[547326662:2071228096]: Received signal 2; terminating 2015.04.24 10:18:18 LOG5[547326662:2071228096]: stunnel undefined on vax-openvms with OpenSSL 0.9.8h 28 May 2008 2015.04.24 10:18:18 LOG5[547326662:2071228096]: Threading:PTHREAD Sockets:POLL,IPv4 2015.04.24 10:18:18 LOG6[547326662:2071228096]: file ulimit = 512 (can be changed with 'ulimit -n') 2015.04.24 10:18:18 LOG6[547326662:2071228096]: poll() used - no FD_SETSIZE limit for file descriptors 2015.04.24 10:18:18 LOG5[547326662:2071228096]: 250 clients allowed 2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 5 in non-blocking mode 2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 4 in non-blocking mode 2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 6 in non-blocking mode 2015.04.24 10:18:18 LOG7[547326662:2071228096]: SO_REUSEADDR option set on accept socket 2015.04.24 10:18:19 LOG7[547326662:2071228096]: telnet bound to 0.0.0.0: 2015.04.24 10:21:08 LOG6[547326662:2071228096]: going to accept mode 2015.04.24 10:21:08 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59281 2015.04.24 10:21:08 LOG6[547326662:2071228096]: accepted connection 2015.04.24 10:21:08 LOG7[547326662:8966656]: telnet started 2015.04.24 10:21:08 LOG7[547326662:8966656]: FD 7 in non-blocking mode 2015.04.24 10:21:08 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket 2015.04.24 10:21:08 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0: 2015.04.24 10:21:08 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization 2015.04.24 10:21:30 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected 2015.04.24 10:21:30 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2015.04.24 10:21:30 LOG7[547326662:8966656]: telnet finished (0 left) 2015.04.24 10:21:31 LOG6[547326662:2071228096]: going to accept mode 2015.04.24 10:21:31 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59283 2015.04.24 10:21:31 LOG6[547326662:2071228096]: accepted connection 2015.04.24 10:21:31 LOG7[547326662:8966656]: telnet started 2015.04.24 10:21:31 LOG7[547326662:8966656]: FD 7 in non-blocking mode 2015.04.24 10:21:31 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket 2015.04.24 10:21:31 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0: 2015.04.24 10:21:31 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization 2015.04.24 10:21:32 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected 2015.04.24 10:21:32 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2015.04.24 10:21:32 LOG7[547326662:8966656]: telnet finished (0 left) 2015.04.24 10:21:33 LOG6[547326662:2071228096]: going to accept mode 2015.04.24 10:21:33 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59284 2015.04.24 10:21:33 LOG6[547326662:2071228096]: accepted connection 2015.04.24 10:21:33 LOG7[547326662:8966656]: telnet started 2015.04.24 10:21:33 LOG7[547326662:8966656]: FD 7 in non-blocking mode 2015.04.24 10:21:33 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket 2015.04.24 10:21:33 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0: 2015.04.24 10:21:33 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization 2015.04.24 10:21:34 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected 2015.04.24 10:21:34 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2015.04.24 10:21:34 LOG7[547326662:8966656]: telnet finished (0 left)
Paul J Coviello Senior System Administrator
CCS Corporate Headquarters Two Wells Avenue, Newton, MA 02459 617.965.2000, Ext. 4004
[cid:image001.png@01D07E7A.602FCE40]
[cid:image002.gif@01D07E7A.602FCE40]
CCS Commercial, LLC | CCS Resources, Inc. | ClaimAssist, LLC | Credit Control Services, Inc. Customer Contact Solutions, LLC | Enterprise Associates, LLC
On Fri, Apr 24, 2015 at 10:41 AM, Coviello, Paul pcoviello@ccsusa.com wrote:
Hi,
Well I got it started on VMS and wanted to put it in debug mode, so I shut it down made my changes to the conf file and now well I can't start it with the command procedure.
I even tried the old conf and same thing...
$ @STUNNEL_STARTUP_SERVER
Is the private key (in the PEM file) encrypted? [Y/N]: Y
Enter the password to decrypt the key (please use paired double quotes with it): ""XXXXXXXXX""
Starting up a Stunnel
%RUN-S-PROC_ID, identification of created process is 209FCA70
Stunnel server failed to start up-- check the configuration, etc.
Nothing is logged...
But if I do the following
$ stunnel STUNNEL_SERVER.CONF
And the output to the screen...
2015.04.24 10:35:24 LOG7[547326662:2071228096]: Snagged 64 random bytes from sys$common:[sysmgr].rnd
2015.04.24 10:35:24 LOG7[547326662:2071228096]: Wrote 1024 new random bytes to sys$common:[sysmgr].rnd
2015.04.24 10:35:24 LOG7[547326662:2071228096]: RAND_status claims sufficient entropy for the PRNG
2015.04.24 10:35:24 LOG7[547326662:2071228096]: PRNG seeded successfully
2015.04.24 10:35:24 LOG7[547326662:2071228096]: Certificate: stunnel.pem
2015.04.24 10:35:24 LOG7[547326662:2071228096]: Certificate loaded
2015.04.24 10:35:24 LOG7[547326662:2071228096]: Key file: stunnel.pem
Enter PEM pass phrase:
2015.04.24 10:35:31 LOG7[547326662:2071228096]: Private key loaded
2015.04.24 10:35:31 LOG7[547326662:2071228096]: SSL context initialized for service telnet
This is where it sits unless I do a ctrl-c to cancel and get back to the system prompt.
And when I do my telnet session I cannot connect. Well I connect but no prompts for me to login
But now I have log output! J
2015.04.24 10:08:31 LOG5[547326662:2071228096]: stunnel undefined on vax-openvms with OpenSSL 0.9.8h 28 May 2008
2015.04.24 10:08:31 LOG5[547326662:2071228096]: Threading:PTHREAD Sockets:POLL,IPv4
2015.04.24 10:08:31 LOG6[547326662:2071228096]: file ulimit = 512 (can be changed with 'ulimit -n')
2015.04.24 10:08:31 LOG6[547326662:2071228096]: poll() used - no FD_SETSIZE limit for file descriptors
2015.04.24 10:08:31 LOG5[547326662:2071228096]: 250 clients allowed
2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 5 in non-blocking mode
2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 4 in non-blocking mode
2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 6 in non-blocking mode
2015.04.24 10:08:31 LOG7[547326662:2071228096]: SO_REUSEADDR option set on accept socket
2015.04.24 10:08:31 LOG7[547326662:2071228096]: telnet bound to 0.0.0.0:
2015.04.24 10:15:00 LOG3[547326662:2071228096]: Received signal 2; terminating
2015.04.24 10:18:18 LOG5[547326662:2071228096]: stunnel undefined on vax-openvms with OpenSSL 0.9.8h 28 May 2008
2015.04.24 10:18:18 LOG5[547326662:2071228096]: Threading:PTHREAD Sockets:POLL,IPv4
2015.04.24 10:18:18 LOG6[547326662:2071228096]: file ulimit = 512 (can be changed with 'ulimit -n')
2015.04.24 10:18:18 LOG6[547326662:2071228096]: poll() used - no FD_SETSIZE limit for file descriptors
2015.04.24 10:18:18 LOG5[547326662:2071228096]: 250 clients allowed
2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 5 in non-blocking mode
2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 4 in non-blocking mode
2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 6 in non-blocking mode
2015.04.24 10:18:18 LOG7[547326662:2071228096]: SO_REUSEADDR option set on accept socket
2015.04.24 10:18:19 LOG7[547326662:2071228096]: telnet bound to 0.0.0.0:
2015.04.24 10:21:08 LOG6[547326662:2071228096]: going to accept mode
2015.04.24 10:21:08 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59281
2015.04.24 10:21:08 LOG6[547326662:2071228096]: accepted connection
2015.04.24 10:21:08 LOG7[547326662:8966656]: telnet started
2015.04.24 10:21:08 LOG7[547326662:8966656]: FD 7 in non-blocking mode
2015.04.24 10:21:08 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket
2015.04.24 10:21:08 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0:
2015.04.24 10:21:08 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization
2015.04.24 10:21:30 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected
2015.04.24 10:21:30 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2015.04.24 10:21:30 LOG7[547326662:8966656]: telnet finished (0 left)
2015.04.24 10:21:31 LOG6[547326662:2071228096]: going to accept mode
2015.04.24 10:21:31 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59283
2015.04.24 10:21:31 LOG6[547326662:2071228096]: accepted connection
2015.04.24 10:21:31 LOG7[547326662:8966656]: telnet started
2015.04.24 10:21:31 LOG7[547326662:8966656]: FD 7 in non-blocking mode
2015.04.24 10:21:31 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket
2015.04.24 10:21:31 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0:
2015.04.24 10:21:31 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization
2015.04.24 10:21:32 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected
2015.04.24 10:21:32 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2015.04.24 10:21:32 LOG7[547326662:8966656]: telnet finished (0 left)
2015.04.24 10:21:33 LOG6[547326662:2071228096]: going to accept mode
2015.04.24 10:21:33 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59284
2015.04.24 10:21:33 LOG6[547326662:2071228096]: accepted connection
2015.04.24 10:21:33 LOG7[547326662:8966656]: telnet started
2015.04.24 10:21:33 LOG7[547326662:8966656]: FD 7 in non-blocking mode
2015.04.24 10:21:33 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket
2015.04.24 10:21:33 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0:
2015.04.24 10:21:33 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization
2015.04.24 10:21:34 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected
2015.04.24 10:21:34 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2015.04.24 10:21:34 LOG7[547326662:8966656]: telnet finished (0 left)
Without knowing your current configuration files (server and client), it's difficult to debug. I would set up something as simple as this (assuming telnet is port 21 on your system, if not change as appropriate). You will have to stick with TLSv1 as the highest level of encryption based on your OpenSSL library version.
1. Create a stunnel.conf file for the client with the following contents (change SERVERIP to be the actual server's public IP address or the LAN IP address if you're behind a firewall on both computers): sslVersion=TLSv1 FIPS = no socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 client = yes [stunnel_telnet] accept = 127.0.0.1:2021 connect = SERVERIP:2121 delay = no 2. Create a stunnel.conf file for the server with the following contents (modify as appropriate for the stunnel.pem file location): sslVersion=TLSv1 cert=stunnel.pem socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 client = no [stunnel_telnet] accept = 2121 connect = 127.0.0.1:21 delay = no 3. Now, start the service first, then the client 4. On your windows box, telnet to port 2021 of localhost. This should work.
Perfect!
Thank you very much!
That's the part I was missing the most... I kept trying to telnet to the server...
Now to figure out how to keep it running on VMS....
BTW: Rob gmail is blocked for me that's why I keep removing you! :)
From: Rob Lockhart [mailto:rlockhar@gmail.com] Sent: Friday, April 24, 2015 12:10 PM To: Coviello, Paul Cc: stunnel-users@stunnel.org Subject: Re: [stunnel-users] startup issues
On Fri, Apr 24, 2015 at 10:41 AM, Coviello, Paul <pcoviello@ccsusa.commailto:pcoviello@ccsusa.com> wrote: Hi,
Well I got it started on VMS and wanted to put it in debug mode, so I shut it down made my changes to the conf file and now well I can't start it with the command procedure.
I even tried the old conf and same thing...
$ @STUNNEL_STARTUP_SERVER Is the private key (in the PEM file) encrypted? [Y/N]: Y Enter the password to decrypt the key (please use paired double quotes with it): ""XXXXXXXXX"" Starting up a Stunnel %RUN-S-PROC_ID, identification of created process is 209FCA70 Stunnel server failed to start up-- check the configuration, etc.
Nothing is logged...
But if I do the following
$ stunnel STUNNEL_SERVER.CONF
And the output to the screen... 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Snagged 64 random bytes from sys$common:[sysmgr].rnd 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Wrote 1024 new random bytes to sys$common:[sysmgr].rnd 2015.04.24 10:35:24 LOG7[547326662:2071228096]: RAND_status claims sufficient entropy for the PRNG 2015.04.24 10:35:24 LOG7[547326662:2071228096]: PRNG seeded successfully 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Certificate: stunnel.pem 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Certificate loaded 2015.04.24 10:35:24 LOG7[547326662:2071228096]: Key file: stunnel.pem Enter PEM pass phrase: 2015.04.24 10:35:31 LOG7[547326662:2071228096]: Private key loaded 2015.04.24 10:35:31 LOG7[547326662:2071228096]: SSL context initialized for service telnet
This is where it sits unless I do a ctrl-c to cancel and get back to the system prompt.
And when I do my telnet session I cannot connect. Well I connect but no prompts for me to login
But now I have log output! :)
2015.04.24 10:08:31 LOG5[547326662:2071228096]: stunnel undefined on vax-openvms with OpenSSL 0.9.8h 28 May 2008 2015.04.24 10:08:31 LOG5[547326662:2071228096]: Threading:PTHREAD Sockets:POLL,IPv4 2015.04.24 10:08:31 LOG6[547326662:2071228096]: file ulimit = 512 (can be changed with 'ulimit -n') 2015.04.24 10:08:31 LOG6[547326662:2071228096]: poll() used - no FD_SETSIZE limit for file descriptors 2015.04.24 10:08:31 LOG5[547326662:2071228096]: 250 clients allowed 2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 5 in non-blocking mode 2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 4 in non-blocking mode 2015.04.24 10:08:31 LOG7[547326662:2071228096]: FD 6 in non-blocking mode 2015.04.24 10:08:31 LOG7[547326662:2071228096]: SO_REUSEADDR option set on accept socket 2015.04.24 10:08:31 LOG7[547326662:2071228096]: telnet bound to 0.0.0.0http://0.0.0.0: 2015.04.24 10:15:00 LOG3[547326662:2071228096]: Received signal 2; terminating 2015.04.24 10:18:18 LOG5[547326662:2071228096]: stunnel undefined on vax-openvms with OpenSSL 0.9.8h 28 May 2008 2015.04.24 10:18:18 LOG5[547326662:2071228096]: Threading:PTHREAD Sockets:POLL,IPv4 2015.04.24 10:18:18 LOG6[547326662:2071228096]: file ulimit = 512 (can be changed with 'ulimit -n') 2015.04.24 10:18:18 LOG6[547326662:2071228096]: poll() used - no FD_SETSIZE limit for file descriptors 2015.04.24 10:18:18 LOG5[547326662:2071228096]: 250 clients allowed 2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 5 in non-blocking mode 2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 4 in non-blocking mode 2015.04.24 10:18:18 LOG7[547326662:2071228096]: FD 6 in non-blocking mode 2015.04.24 10:18:18 LOG7[547326662:2071228096]: SO_REUSEADDR option set on accept socket 2015.04.24 10:18:19 LOG7[547326662:2071228096]: telnet bound to 0.0.0.0http://0.0.0.0: 2015.04.24 10:21:08 LOG6[547326662:2071228096]: going to accept mode 2015.04.24 10:21:08 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59281http://192.168.20.140:59281 2015.04.24 10:21:08 LOG6[547326662:2071228096]: accepted connection 2015.04.24 10:21:08 LOG7[547326662:8966656]: telnet started 2015.04.24 10:21:08 LOG7[547326662:8966656]: FD 7 in non-blocking mode 2015.04.24 10:21:08 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket 2015.04.24 10:21:08 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0http://0.0.0.0: 2015.04.24 10:21:08 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization 2015.04.24 10:21:30 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected 2015.04.24 10:21:30 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2015.04.24 10:21:30 LOG7[547326662:8966656]: telnet finished (0 left) 2015.04.24 10:21:31 LOG6[547326662:2071228096]: going to accept mode 2015.04.24 10:21:31 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59283http://192.168.20.140:59283 2015.04.24 10:21:31 LOG6[547326662:2071228096]: accepted connection 2015.04.24 10:21:31 LOG7[547326662:8966656]: telnet started 2015.04.24 10:21:31 LOG7[547326662:8966656]: FD 7 in non-blocking mode 2015.04.24 10:21:31 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket 2015.04.24 10:21:31 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0http://0.0.0.0: 2015.04.24 10:21:31 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization 2015.04.24 10:21:32 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected 2015.04.24 10:21:32 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2015.04.24 10:21:32 LOG7[547326662:8966656]: telnet finished (0 left) 2015.04.24 10:21:33 LOG6[547326662:2071228096]: going to accept mode 2015.04.24 10:21:33 LOG7[547326662:2071228096]: telnet accepted FD=7 from 192.168.20.140:59284http://192.168.20.140:59284 2015.04.24 10:21:33 LOG6[547326662:2071228096]: accepted connection 2015.04.24 10:21:33 LOG7[547326662:8966656]: telnet started 2015.04.24 10:21:33 LOG7[547326662:8966656]: FD 7 in non-blocking mode 2015.04.24 10:21:33 LOG7[547326662:8966656]: TCP_NODELAY option set on local socket 2015.04.24 10:21:33 LOG5[547326662:8966656]: telnet accepted connection from 0.0.0.0http://0.0.0.0: 2015.04.24 10:21:33 LOG7[547326662:8966656]: SSL state (accept): before/accept initialization 2015.04.24 10:21:34 LOG3[547326662:8966656]: SSL_accept: Peer suddenly disconnected 2015.04.24 10:21:34 LOG5[547326662:8966656]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2015.04.24 10:21:34 LOG7[547326662:8966656]: telnet finished (0 left)
Without knowing your current configuration files (server and client), it's difficult to debug. I would set up something as simple as this (assuming telnet is port 21 on your system, if not change as appropriate). You will have to stick with TLSv1 as the highest level of encryption based on your OpenSSL library version.
1. Create a stunnel.conf file for the client with the following contents (change SERVERIP to be the actual server's public IP address or the LAN IP address if you're behind a firewall on both computers): sslVersion=TLSv1 FIPS = no socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 client = yes [stunnel_telnet] accept = 127.0.0.1:2021http://127.0.0.1:2021 connect = SERVERIP:2121 delay = no 2. Create a stunnel.conf file for the server with the following contents (modify as appropriate for the stunnel.pem file location): sslVersion=TLSv1 cert=stunnel.pem socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 client = no [stunnel_telnet] accept = 2121 connect = 127.0.0.1:21http://127.0.0.1:21 delay = no 3. Now, start the service first, then the client 4. On your windows box, telnet to port 2021 of localhost. This should work.
On Fri, Apr 24, 2015 at 12:41 PM, Coviello, Paul pcoviello@ccsusa.com wrote:
Perfect!
Thank you very much!
That's the part I was missing the most... I kept trying to telnet to the server...
Now to figure out how to keep it running on VMS....
BTW: Rob gmail is blocked for me that's why I keep removing you! J
I hope that works. In regards to keeping it running, I don't know if there's something equivalent but in Unix (Solaris/HPUX/Linux/etc.) I used to use a program called "screen" that you could detach the screen but it kept running in the background. It was really useful over dialup, especially if the connection was dropped. After the connection dropped, you would re-establish a connection to the server and then "re-attach" the session and everything was there in the same manner before you left. I don't know if this is the same method but I did see this with a Google search: http://h71000.www7.hp.com/doc/84final/9996/9996pro_40.html http://www.openvms.compaq.com/doc/73final/6489/6489pro_048.html http://h71000.www7.hp.com/doc/83final/9996/9996pro_168.html
The GNU Screen howto is here: http://www.rackaid.com/blog/linux-screen-tutorial-and-how-to/
Good luck, -Rob
Actually got it running again...
I ran the com file in a new login session and it created the process. So it appears I'm good!!!!
Thanks again for your help!
Paul
From: stunnel-users [mailto:stunnel-users-bounces@stunnel.org] On Behalf Of Rob Lockhart Sent: Friday, April 24, 2015 2:45 PM To: stunnel-users@stunnel.org Subject: Re: [stunnel-users] startup issues
On Fri, Apr 24, 2015 at 12:41 PM, Coviello, Paul <pcoviello@ccsusa.commailto:pcoviello@ccsusa.com> wrote: Perfect! Thank you very much! That's the part I was missing the most... I kept trying to telnet to the server...
Now to figure out how to keep it running on VMS....
BTW: Rob gmail is blocked for me that's why I keep removing you! :)
I hope that works. In regards to keeping it running, I don't know if there's something equivalent but in Unix (Solaris/HPUX/Linux/etc.) I used to use a program called "screen" that you could detach the screen but it kept running in the background. It was really useful over dialup, especially if the connection was dropped. After the connection dropped, you would re-establish a connection to the server and then "re-attach" the session and everything was there in the same manner before you left. I don't know if this is the same method but I did see this with a Google search: http://h71000.www7.hp.com/doc/84final/9996/9996pro_40.html http://www.openvms.compaq.com/doc/73final/6489/6489pro_048.html http://h71000.www7.hp.com/doc/83final/9996/9996pro_168.html
The GNU Screen howto is here: http://www.rackaid.com/blog/linux-screen-tutorial-and-how-to/
Good luck, -Rob
-
Coviello, Paul -
Rob Lockhart