Hello,
I use stunnel on WinXP to connect to my ISP's pops server and get the following error message in my log:
2004.12.09 12:47:09 LOG5[4888:6096]: stunnel 4.05 on x86-pc-mingw32-gnu WIN32 with OpenSSL 0.9.7e 25 Oct 2004 2004.12.09 12:47:11 LOG5[4888:4612]: WIN32 platform: 30000 clients allowed 2004.12.09 12:47:46 LOG5[4888:5432]: pops.xs4all.nl:995 connected from 127.0.0.1:61950 2004.12.09 12:47:46 LOG5[4888:5432]: VERIFY IGNORE: depth=0, /C=NL/ST=Noord Holland/L=Diemen/O=XS4ALL Internet B.V./CN=pops.xs4all.nl 2004.12.09 12:47:46 LOG5[4888:5432]: VERIFY IGNORE: depth=0, /C=NL/ST=Noord Holland/L=Diemen/O=XS4ALL Internet B.V./CN=pops.xs4all.nl 2004.12.09 12:47:46 LOG5[4888:5432]: VERIFY IGNORE: depth=0, /C=NL/ST=Noord Holland/L=Diemen/O=XS4ALL Internet B.V./CN=pops.xs4all.nl 2004.12.09 12:47:46 LOG3[4888:5432]: SSL_connect: 14094412: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
This is my config:
CAfile = xxxxx cert = xxxxx CRLpath = xxxxx client = yes # debug = 4 key = xxxxx options = DONT_INSERT_EMPTY_FRAGMENTS output = stunnel.log RNDbytes = 64 RNDfile = .rnd RNDoverwrite = yes service = Stunnel client session = 300 taskbar = no verify = 0
[pops.xs4all.nl:995] accept = 127.0.0.1:5000 connect = pops.xs4all.nl:995 delay = yes
[pop.gmail.com:995] accept = 127.0.0.1:5003 connect = pop.gmail.com:995 delay = yes
The "xxxxx" are good filepaths because I can connect to pop.gmail.com:465 just fine.
Anyone got a clue where to look?
Thanks, Ron
Ron Kindermann schreef het volgende op 9-12-2004 13:01:
Snip
Nevermind this message, the problem is solved. It seems my ISP had client certificate checking switched on, now its switched off and everything works again.
-
Ron Kindermann