Hi all, Need your help.

When I configured the Stunnel without the Engine LunaCA3 (product from SafeNet), everything worked fine. After add the global option with the engine: engine=LunaCA3 engineCtrl=SO_PATH:/usr/local/ssl/lib/engines/liblunaca3.so

I got the following error. I also searched previous engine issues and saw someone else with the similar issues. Hope that the issue was resolved.

The Stunnel and the open SSL info: stunnel 5.20 on x86_64 Linux. Compiled/running with OpenSSL 1.0.1i-fips. The setting is for server with sslVersion = TLSv1 and ciphers = AES128-SHA.

2015.09.08 11:11:01 LOG7[0]: SSL state (accept): SSLv3 read client certificate A 2015.09.08 11:11:01 LOG7[0]: SSL state (accept): SSLv3 read client key exchange A 2015.09.08 11:11:01 LOG7[0]: SSL state (accept): SSLv3 read certificate verify A 2015.09.08 11:11:01 LOG7[0]: SSL alert (write): fatal: bad record mac 2015.09.08 11:11:01 LOG3[0]: SSL_accept: 1408F119: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac 2015.09.08 11:11:01 LOG5[0]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket 2015.09.08 11:11:01 LOG7[0]: Deallocating application specific data for addr index 2015.09.08 11:11:01 LOG7[0]: Local socket (FD=3) closed

Any help and info are greatly appreciated!!

Thanks

Ann Donne

---------------------------------------------------------------------- This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.bankofamerica.com/emaildisclaimer. If you are not the intended recipient, please delete this message.