[stunnel-users] Cannot connect to SBC/yahoo to send (or telnet)

alexlim alex at limberis.net
Sat Nov 29 00:13:50 CET 2008


Hi,
I'm having the same problem. Setting the ssl level to version 1 didn't seem
to help. Did this work for you>


James Moe-2 wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hello,
>   (I sent this yesterday but that one seems to have gotten lost....)
>   Stunnel v4.20.
>   When connecting to SBC/Yahoo, the session is terminated
> with a "bad certificate" message. See the log below. The tech folks claim
> all is well at their end.
>   Is there something I am missing here?
>   Here is the conf file:
> 
> ....[ conf ]....
> 
> socket = l:TCP_NODELAY=1
> socket = r:TCP_NODELAY=1
> client = yes
> output = G:/c/voice/pmmdev/testcase/bin/stunnel.log
> verify = 0
> debug  = 7
> cert   = g:/c/voice/pmmdev/testcase/bin/sma-test.pem
> 
> [sbc]
>   accept  = localhost:6325
>   connect = smtp.att.yahoo.com:465
> 
> ....[ end conf ]....
> 
> ....[ connection log ]....
> 
> 2008.11.11 00:14:17 LOG7[223:1737]: sbc accepted FD=15 from
> 127.0.0.1:61053
> 2008.11.11 00:14:17 LOG7[223:1737]: Creating a new thread
> 2008.11.11 00:14:17 LOG7[223:1737]: New thread created
> 2008.11.11 00:14:17 LOG7[251:1737]: sbc started
> 2008.11.11 00:14:17 LOG7[251:1737]: FD 15 in non-blocking mode
> 2008.11.11 00:14:17 LOG7[251:1737]: TCP_NODELAY option set on local socket
> 2008.11.11 00:14:17 LOG5[251:1737]: sbc accepted connection from
> 127.0.0.1:61053
> 2008.11.11 00:14:17 LOG7[251:1737]: FD 16 in non-blocking mode
> 2008.11.11 00:14:17 LOG7[251:1737]: sbc connecting 69.147.64.31:465
> 2008.11.11 00:14:17 LOG7[251:1737]: connect_wait: waiting 10 seconds
> 2008.11.11 00:14:17 LOG7[251:1737]: connect_wait: connected
> 2008.11.11 00:14:17 LOG5[251:1737]: sbc connected remote server from
> 192.168.69.14:61054
> 2008.11.11 00:14:17 LOG7[251:1737]: Remote FD=16 initialized
> 2008.11.11 00:14:17 LOG7[251:1737]: TCP_NODELAY option set on remote
> socket
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): before/connect
> initialization
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client hello A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> hello A
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> certificate A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> certificate request A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> done A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client certificate A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client key exchange A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> certificate verify A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> change cipher spec A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> finished A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 flush data
> 2008.11.11 00:14:18 LOG7[251:1737]: SSL alert (read): fatal: bad
> certificate
> 2008.11.11 00:14:18 LOG3[251:1737]: SSL_connect: 14094412:
> error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
> 2008.11.11 00:14:18 LOG5[251:1737]: Connection reset: 0 bytes sent to SSL,
> 0 bytes sent to socket
> 2008.11.11 00:14:18 LOG7[251:1737]: sbc finished (0 left)
> 
> 
> ....[ end log ]....
> 
> - --
> jimoe (at) sohnen-moe (dot) com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (OS/2)
> 
> iD8DBQFJGe4zzTcr8Prq0ZMRAhSPAJ4h6YHyR+/W5brb7FK1tbbW1zYZ+wCglxpC
> 9k2qqpP2hN99BL0TnsNhlnw=
> =P74g
> -----END PGP SIGNATURE-----
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
> 
> 

-- 
View this message in context: http://www.nabble.com/Cannot-connect-to-SBC-yahoo-to-send-%28or-telnet%29-tp20449058p20741819.html
Sent from the Stunnel - Users mailing list archive at Nabble.com.




More information about the stunnel-users mailing list