[stunnel-users] Going from 3.x command line to 4.x .conf file
Thomas Gagné
tgagne at gagne.homedns.org
Wed Aug 25 03:33:39 CEST 2004
I'm having a problem connecting with sourcehost using stunnel w/
configuration files. The command line version from 3.x works.
Here's the command line for 3.x
./stunnel -c -p client.pem -d localhost:2401 -r
repository.sourcehosting.net:2402 -P none -f -v 3 -A cacert.pem
and the conf file from 4.x
# Some debugging stuff
debug = 7
output = stunnel.log
# Use it for client mode
client = yes
foreground = yes
verify = 3
key = client.pem
cert = cacert.pem
# Service-level configuration
[cvs]
accept = 2401
connect = repository.sourcehosting.net:2402
When I run the older version it starts:
./stunnel -c -p client.pem -d localhost:2401 -r
repository.sourcehosting.net:2402 -P none -f -v 3 -A cacert.pem
2004.08.24 21:30:18 LOG5[2221:16384]: Using
'repository.sourcehosting.net.2402' as tcpwrapper service name
Enter PEM pass phrase:
2004.08.24 21:30:24 LOG5[2221:16384]: Peer certificate location
2004.08.24 21:30:24 LOG5[2221:16384]: stunnel 3.26 on
i686-pc-linux-gnu PTHREAD with OpenSSL 0.9.7d 17 Mar 20042004.08.24
21:30:24 LOG5[2221:16384]: FD_SETSIZE=1024, file ulimit=1024 -> 500
clients allowed
But when I run the newer version (with .conf) I get:
2004.08.24 21:31:43 LOG5[2236:4144017536]: stunnel 4.05 on
i386-redhat-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7a Feb 19 2003
2004.08.24 21:31:43 LOG7[2236:4144017536]: Snagged 64 random bytes
from /home/tgagne/.rnd
2004.08.24 21:31:43 LOG7[2236:4144017536]: Wrote 1024 new random
bytes to /home/tgagne/.rnd
2004.08.24 21:31:43 LOG7[2236:4144017536]: RAND_status claims
sufficient entropy for the PRNG
2004.08.24 21:31:43 LOG6[2236:4144017536]: PRNG seeded successfully
2004.08.24 21:31:43 LOG7[2236:4144017536]: Certificate: cacert.pem
2004.08.24 21:31:43 LOG7[2236:4144017536]: Key file: client.pem
2004.08.24 21:31:47 LOG3[2236:4144017536]:
SSL_CTX_use_RSAPrivateKey_file: B080074: error:0B080074:x509
certificate routines:X509_check_private_key:key values mismatch
I'm using the same cacert.pem and client.pem for both, as well as the
same passphrase.
More information about the stunnel-users
mailing list