[stunnel-users] VeriSign Intermediate CA Certificate issue.

Unai Rodriguez me at u-journal.org
Tue Nov 27 09:20:40 CET 2007


Guys, I have solved this issue. I was copy-pasting the wrong 
intermediate certificate. It is working fine now.

Thank you so much!
unai

Unai Rodriguez wrote:
> Dear All,
> 
> I am trying to set an https layer using stunnel. I am having problems 
> with the intermediary certificate since it appears broken to the user. 
> You may find a screenshot here:
> 
> http://u-journal.org/stunnel/Root_Cert_Err.jpg
> 
> My stunnel version is: 3.26 running on Debian 3.1
> 
> I run stunnel as standalone with this parameters:
> 
> stunnel -d 10.123.16.103:443 -D 7 -R /etc/ssl/certs/stunnel.rnd \
> 	-p /etc/ssl/certs/stunnel.pem -o /var/log/stunnel/stunnel.log \
> 		-r 10.123.16.103:80 -N https
> 
> You may find the output of my stunnel -V here:
> http://pastebin.ca/793495
> 
> uname -a: Linux lb2-dp-vm 2.6.8-3-686 #1 Tue Dec 5 21:26:38 UTC 2006 
> i686 GNU/Linux
> 
> openssl version: OpenSSL 0.9.7e 25 Oct 2004
> 
> So, if I create my /etc/ssl/certs/stunnel.pem file like this:
> 
> -----BEGIN RSA PRIVATE KEY-----
> rsa_priv_key
> -----END RSA PRIVATE KEY-----
> 
> -----BEGIN CERTIFICATE-----
> secured.behringer.com_certificate
> -----END CERTIFICATE-----
> 
> -- OR --
> 
> -----BEGIN RSA PRIVATE KEY-----
> rsa_priv_key
> -----END RSA PRIVATE KEY-----
> 
> -----BEGIN CERTIFICATE-----
> secured.behringer.com_certificate
> -----END CERTIFICATE-----
> 
> -----BEGIN CERTIFICATE-----
> VeriSign Intermediate CA Certificate
> (https://www.verisign.com.sg/support/ssl/install/intermediate/secure.shtml)
> -----END CERTIFICATE-----
> 
> I get the mentioned error. If I create the /etc/ssl/certs/stunnel.pem 
> like this:
> 
> -----BEGIN RSA PRIVATE KEY-----
> rsa_priv_key
> -----END RSA PRIVATE KEY-----
> 
> -----BEGIN CERTIFICATE-----
> VeriSign Intermediate CA Certificate
> (https://www.verisign.com.sg/support/ssl/install/intermediate/secure.shtml)
> -----END CERTIFICATE-----
> 
> -----BEGIN CERTIFICATE-----
> secured.behringer.com_certificate
> -----END CERTIFICATE-----
> 
> I get the error:
> "[...] X509_check_private_key:key values mismatch"
> 
> You may see the log here:
> http://pastebin.ca/793500
> 
> Any clues on what am I doing wrong?
> 
> Thank you so much!
> unai
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users



More information about the stunnel-users mailing list