Hi all,
I've been happily using stunnel for the same purpose and the same config for over year but it's suddenly stopped working. I was using it to wrap http shoutcast (port 8000) to https (port 8444). I'm using a letsencrypt cert.
config:
client = no
[shoutcast] accept = 8444 connect = 127.0.0.1:8000 cert = /etc/letsencrypt/live/*server name*/fullchain.pem key = /etc/letsencrypt/live/*server name*/privkey.pem
This keeps getting repeated in the log:
2021.05.22 22:18:27 LOG7[main]: Found 1 ready file descriptor(s) 2021.05.22 22:18:27 LOG7[main]: FD=4 events=0x2001 revents=0x0 2021.05.22 22:18:27 LOG7[main]: FD=9 events=0x2001 revents=0x1 2021.05.22 22:18:27 LOG7[main]: Service [shoutcast] accepted (FD=3) from *server ip*:40506 2021.05.22 22:18:27 LOG7[4]: Service [shoutcast] started 2021.05.22 22:18:27 LOG7[4]: Setting local socket options (FD=3) 2021.05.22 22:18:27 LOG7[4]: Option TCP_NODELAY set on local socket 2021.05.22 22:18:27 LOG5[4]: Service [shoutcast] accepted connection from *server ip*:40506 2021.05.22 22:18:27 LOG6[4]: Peer certificate not required 2021.05.22 22:18:27 LOG7[4]: TLS state (accept): before SSL initialization 2021.05.22 22:18:27 LOG3[4]: SSL_accept: ../ssl/record/ssl3_record.c:322: error:1408F09C:SSL routines:ssl3_get_record:http request 2021.05.22 22:18:27 LOG5[4]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2021.05.22 22:18:27 LOG7[4]: Local descriptor (FD=3) closed 2021.05.22 22:18:27 LOG7[4]: Service [shoutcast] finished (0 left)
(server ip & server name removed)
Suggestions and recommendations gratefully received! Thanks.
I can put this to bed myself. The host started blocking access to port 8444 because it's used by Chia Mining. They didn't tell me this until I'd spent around 9 hours trying to debug this though. I've moved the service to another port and can confirm stunnel is working as reliably as before. Thanks !
On 22/05/2021 22:33, Alastair @ Expert Geeks via stunnel-users wrote:
Hi all,
I've been happily using stunnel for the same purpose and the same config for over year but it's suddenly stopped working. I was using it to wrap http shoutcast (port 8000) to https (port 8444). I'm using a letsencrypt cert.
config:
client = no
[shoutcast] accept = 8444 connect = 127.0.0.1:8000 cert = /etc/letsencrypt/live/*server name*/fullchain.pem key = /etc/letsencrypt/live/*server name*/privkey.pem
This keeps getting repeated in the log:
2021.05.22 22:18:27 LOG7[main]: Found 1 ready file descriptor(s) 2021.05.22 22:18:27 LOG7[main]: FD=4 events=0x2001 revents=0x0 2021.05.22 22:18:27 LOG7[main]: FD=9 events=0x2001 revents=0x1 2021.05.22 22:18:27 LOG7[main]: Service [shoutcast] accepted (FD=3) from *server ip*:40506 2021.05.22 22:18:27 LOG7[4]: Service [shoutcast] started 2021.05.22 22:18:27 LOG7[4]: Setting local socket options (FD=3) 2021.05.22 22:18:27 LOG7[4]: Option TCP_NODELAY set on local socket 2021.05.22 22:18:27 LOG5[4]: Service [shoutcast] accepted connection from *server ip*:40506 2021.05.22 22:18:27 LOG6[4]: Peer certificate not required 2021.05.22 22:18:27 LOG7[4]: TLS state (accept): before SSL initialization 2021.05.22 22:18:27 LOG3[4]: SSL_accept: ../ssl/record/ssl3_record.c:322: error:1408F09C:SSL routines:ssl3_get_record:http request 2021.05.22 22:18:27 LOG5[4]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket 2021.05.22 22:18:27 LOG7[4]: Local descriptor (FD=3) closed 2021.05.22 22:18:27 LOG7[4]: Service [shoutcast] finished (0 left)
(server ip & server name removed)
Suggestions and recommendations gratefully received! Thanks.
stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org
-
Alastair @ Expert Geeks -
Expert Geeks