Hello
With verify=3 and the certs loaded in the conf file with CAfile=startssl-chain.pem cert=mycert.pem, I get : CERT: Certificate not found in local repository
Using the latest stunnel recompiled on a debian squeeze, the best I can get is: error queue: 140B0009: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line
However, if I put these very same pem files in a directory as a CApath option instead (c_rehash applied) everything works fine. But The pem files are identical !
I've read http://stunnel.mirt.net/pipermail/stunnel-users/2010-November/002854.html but it seems a bit different
The startssl-chain.pem was created with: wget http://www.startssl.com/certs/ca.pem wget http://www.startssl.com/certs/startssl.ca.pem cat sub.class1.server.ca.pem ca.pem > startssl-chain.pem
I guess that may be the cause of the problem?
What should I do to pass these pem files as stunnel.conf options instead of using the CApath?
Guylhem
-
Guylhem