[stunnel-users] VeriSign Intermediate CA Certificate issue.
Unai Rodriguez
me at u-journal.org
Thu Nov 22 11:06:07 CET 2007
Dear All,
I am trying to set an https layer using stunnel. I am having problems
with the intermediary certificate since it appears broken to the user.
You may find a screenshot here:
http://u-journal.org/stunnel/Root_Cert_Err.jpg
My stunnel version is: 3.26 running on Debian 3.1
I run stunnel as standalone with this parameters:
stunnel -d 10.123.16.103:443 -D 7 -R /etc/ssl/certs/stunnel.rnd \
-p /etc/ssl/certs/stunnel.pem -o /var/log/stunnel/stunnel.log \
-r 10.123.16.103:80 -N https
You may find the output of my stunnel -V here:
http://pastebin.ca/793495
uname -a: Linux lb2-dp-vm 2.6.8-3-686 #1 Tue Dec 5 21:26:38 UTC 2006
i686 GNU/Linux
openssl version: OpenSSL 0.9.7e 25 Oct 2004
So, if I create my /etc/ssl/certs/stunnel.pem file like this:
-----BEGIN RSA PRIVATE KEY-----
rsa_priv_key
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
secured.behringer.com_certificate
-----END CERTIFICATE-----
-- OR --
-----BEGIN RSA PRIVATE KEY-----
rsa_priv_key
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
secured.behringer.com_certificate
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
VeriSign Intermediate CA Certificate
(https://www.verisign.com.sg/support/ssl/install/intermediate/secure.shtml)
-----END CERTIFICATE-----
I get the mentioned error. If I create the /etc/ssl/certs/stunnel.pem
like this:
-----BEGIN RSA PRIVATE KEY-----
rsa_priv_key
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
VeriSign Intermediate CA Certificate
(https://www.verisign.com.sg/support/ssl/install/intermediate/secure.shtml)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
secured.behringer.com_certificate
-----END CERTIFICATE-----
I get the error:
"[...] X509_check_private_key:key values mismatch"
You may see the log here:
http://pastebin.ca/793500
Any clues on what am I doing wrong?
Thank you so much!
unai
More information about the stunnel-users
mailing list