[stunnel-users] VeriSign Intermediate CA Certificate issue.
Unai Rodriguez
me at u-journal.org
Tue Nov 27 09:20:40 CET 2007
Guys, I have solved this issue. I was copy-pasting the wrong
intermediate certificate. It is working fine now.
Thank you so much!
unai
Unai Rodriguez wrote:
> Dear All,
>
> I am trying to set an https layer using stunnel. I am having problems
> with the intermediary certificate since it appears broken to the user.
> You may find a screenshot here:
>
> http://u-journal.org/stunnel/Root_Cert_Err.jpg
>
> My stunnel version is: 3.26 running on Debian 3.1
>
> I run stunnel as standalone with this parameters:
>
> stunnel -d 10.123.16.103:443 -D 7 -R /etc/ssl/certs/stunnel.rnd \
> -p /etc/ssl/certs/stunnel.pem -o /var/log/stunnel/stunnel.log \
> -r 10.123.16.103:80 -N https
>
> You may find the output of my stunnel -V here:
> http://pastebin.ca/793495
>
> uname -a: Linux lb2-dp-vm 2.6.8-3-686 #1 Tue Dec 5 21:26:38 UTC 2006
> i686 GNU/Linux
>
> openssl version: OpenSSL 0.9.7e 25 Oct 2004
>
> So, if I create my /etc/ssl/certs/stunnel.pem file like this:
>
> -----BEGIN RSA PRIVATE KEY-----
> rsa_priv_key
> -----END RSA PRIVATE KEY-----
>
> -----BEGIN CERTIFICATE-----
> secured.behringer.com_certificate
> -----END CERTIFICATE-----
>
> -- OR --
>
> -----BEGIN RSA PRIVATE KEY-----
> rsa_priv_key
> -----END RSA PRIVATE KEY-----
>
> -----BEGIN CERTIFICATE-----
> secured.behringer.com_certificate
> -----END CERTIFICATE-----
>
> -----BEGIN CERTIFICATE-----
> VeriSign Intermediate CA Certificate
> (https://www.verisign.com.sg/support/ssl/install/intermediate/secure.shtml)
> -----END CERTIFICATE-----
>
> I get the mentioned error. If I create the /etc/ssl/certs/stunnel.pem
> like this:
>
> -----BEGIN RSA PRIVATE KEY-----
> rsa_priv_key
> -----END RSA PRIVATE KEY-----
>
> -----BEGIN CERTIFICATE-----
> VeriSign Intermediate CA Certificate
> (https://www.verisign.com.sg/support/ssl/install/intermediate/secure.shtml)
> -----END CERTIFICATE-----
>
> -----BEGIN CERTIFICATE-----
> secured.behringer.com_certificate
> -----END CERTIFICATE-----
>
> I get the error:
> "[...] X509_check_private_key:key values mismatch"
>
> You may see the log here:
> http://pastebin.ca/793500
>
> Any clues on what am I doing wrong?
>
> Thank you so much!
> unai
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
More information about the stunnel-users
mailing list