I am trying to set up stunnel so that it accepts SSL encrypted traffic from the internet on port 2525 and sends it to my mail server on port 25.
To create the certificate, I used:
sudo openssl req -new -outform PEM -out smtpd.cert \ -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM \ -days 365 -x509
My stunnel.conf is:
; Sample stunnel configuration file by Michal Trojnara 2002-2006 ; Some options used here may not be adequate for your particular configuration
; Certificate/key is needed in server mode and optional in client mode ; The default certificate is provided only for testing and should not ; be used in a production environment ;cert = stunnel.pem cert = /smtpd.cert ;key = stunnel.pem key = /smtpd.key
; Some performance tunings socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1
; Workaround for Eudora bug ;options = DONT_INSERT_EMPTY_FRAGMENTS
; Authentication stuff ;verify = 2 ; Don't forget to c_rehash CApath ;CApath = certs ; It's often easier to use CAfile ;CAfile = certs.pem ; Don't forget to c_rehash CRLpath ;CRLpath = crls ; Alternatively you can use CRLfile ;CRLfile = crls.pem
; Some debugging stuff useful for troubleshooting ;debug = 7 ;output = stunnel.log
; Use it for client mode ;client = yes
; Service-level configuration
;[pop3s] ;accept = 995 ;connect = 110
;[imaps] ;accept = 993 ;connect = 143
;[ssmtp] ;accept = 465 ;connect = 25
;[https] ;accept = 443 ;connect = 80 ;TIMEOUTclose = 0
; vim:ft=dosini
I am trying it in standalone mode.
Using Stunnel 4.04.
OpenSSL 0.9.7i 14 Oct 2005
Output of gcc -v is:
Using built-in specs. Target: powerpc-apple-darwin8 Configured with: /private/var/tmp/gcc/gcc-5341.obj~1/src/configure -- disable-checking -enable-werror --prefix=/usr --mandir=/share/man -- enable-languages=c,objc,c++,obj-c++ --program-transform-name=/^[cg] [^.-]*$/s/$/-4.0/ --with-gxx-include-dir=/include/c++/4.0.0 --with- slibdir=/usr/lib --build=powerpc-apple-darwin8 --host=powerpc-apple- darwin8 --target=powerpc-apple-darwin8 Thread model: posix gcc version 4.0.1 (Apple Computer, Inc. build 5341)
Whenever I try to start Stunnel, I get a message saying that there is no such file.
Eg:
$ stunnel -p /smtpd.cert -d 2525 -r 25 2006.10.01 00:36:46 LOG3[638:2684415368]: -p: No such file or directory (2) Syntax: stunnel [filename] | -help | -version | -sockets filename - use specified config file instead of /sw/etc/ stunnel/stunnel.conf -help - get config file help -version - display version and defaults -sockets - display default socket options
I am using Mac OS X 10.4.8, Stunnel was built using Fink.
Does anybody have any suggestions as to what I am doing wrong?
Thanks,
James.