[stunnel-users] SSL Handshake problems
markzero at logik.ath.cx
Mon Aug 16 22:45:09 CEST 2004
I have a tunnel that forwards connections from syslog-ng on
localhost to my loghost. Or rather, I don't.

In the stunnel logs, I repeatedly get:

2004.08.16 21:28:30 LOG5[23452:1006768128]: syslogngs connected from 127.0.0.1:32479
2004.08.16 21:28:30 LOG7[23452:1006768128]: SSL state (accept): before/accept initialization
2004.08.16 21:28:30 LOG3[23452:1006768128]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2004.08.16 21:28:30 LOG7[23452:1006768128]: syslogngs finished (2 left)
2004.08.16 21:28:31 LOG7[23452:1006693376]: SSL socket closed on SSL_read
2004.08.16 21:28:31 LOG5[23452:1006693376]: Connection closed: 0 bytes sent to SSL, 0 bytes sent to socket
2004.08.16 21:28:31 LOG7[23452:1006693376]: syslogngs finished (1 left)
2004.08.16 21:30:01 LOG7[23452:1006763008]: waitforsocket: ok
2004.08.16 21:30:01 LOG3[23452:1006763008]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2004.08.16 21:30:01 LOG7[23452:1006763008]: syslogngs finished (0 left)

..yet connecting using:

$ openssl s_client -connect localhost:5515

successfully connects to my loghost and prints the certificate details.

Why on earth will s_client connect and not syslog-ng?

Specific details:

192.168.1.6

syslog-ng -> localhost:5515
                   |
stunnel <----------|
   |
stunnel ----------> loghost:5514

loghost:
192.168.1.7

(hosts) ---> stunnel (192.168.1.7:5514)
                |
             syslog-ng (localhost:5515)

I have now been trying to implement encrypted logging for a record time
of three months now and so far every attempt has failed in some way or
another. Can somebody please put an end to this administrative misery?
(more verbose program output on request)
mark
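
An added example, not part of the original post: a small Python triage script that joins each "SSL_accept ... unknown protocol" error to the peer address logged by the same stunnel thread, run over log lines from the post with the wrapped lines re-joined. OpenSSL reports this error when the first bytes received on the accepting side are not a recognisable SSL/TLS client hello, so the peer address shows which sender did not speak SSL. The regular expressions assume the log layout shown in the post and IPv4 peers; the function and field names are hypothetical.

```python
import ipaddress
import re

# Log lines taken from the post above, with wrapped lines re-joined.
SAMPLE_LOG = """\
2004.08.16 21:28:30 LOG5[23452:1006768128]: syslogngs connected from 127.0.0.1:32479
2004.08.16 21:28:30 LOG7[23452:1006768128]: SSL state (accept): before/accept initialization
2004.08.16 21:28:30 LOG3[23452:1006768128]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2004.08.16 21:28:30 LOG7[23452:1006768128]: syslogngs finished (2 left)
2004.08.16 21:30:01 LOG7[23452:1006763008]: waitforsocket: ok
2004.08.16 21:30:01 LOG3[23452:1006763008]: SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
"""

# Assumed layout: "<date> <time> LOG<level>[<pid>:<thread>]: <message>"
LINE = re.compile(r"^(\S+ \S+) LOG(\d)\[(\d+):(\d+)\]: (.*)$")
CONNECT = re.compile(r"^(\S+) connected from ([\d.]+):(\d+)$")
FAIL = re.compile(r"^SSL_accept: .*:unknown protocol$")
FINISHED = re.compile(r"^\S+ finished \(\d+ left\)$")


def failed_accepts(log_text):
    """Pair each failed server-side handshake with the peer its thread logged."""
    peers = {}      # (pid, thread) -> (service, ip, port)
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts, _level, pid, tid, msg = m.groups()
        key = (pid, tid)
        c = CONNECT.match(msg)
        if c:
            peers[key] = (c.group(1), c.group(2), int(c.group(3)))
        elif FAIL.match(msg):
            service, ip, port = peers.get(key, (None, None, None))
            findings.append({
                "time": ts, "thread": tid, "service": service,
                "peer": ip, "port": port,
                # A loopback peer is a local program talking to the accept port.
                "loopback": ip is not None and ipaddress.ip_address(ip).is_loopback,
            })
        elif FINISHED.match(msg):
            peers.pop(key, None)  # thread ids can be reused by later connections
    return findings


if __name__ == "__main__":
    for finding in failed_accepts(SAMPLE_LOG):
        print(finding)
```

A finding with no peer means the excerpt did not include the "connected from" line for that thread.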