[stunnel-users] Cannot connect to SBC/yahoo to send (or telnet)
alexlim
alex at limberis.net
Sat Nov 29 22:24:52 CET 2008
Thanks to James email today. I was able to get it to work. Quoting James
here.
The solution was to remove the "cert" line from the configuration file.
The "verify" level had to stay at 0.
This did the trick.
James Moe-2 wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
> (I sent this yesterday but that one seems to have gotten lost....)
> Stunnel v4.20.
> When connecting to SBC/Yahoo, the session is terminated
> with a "bad certificate" message. See the log below. The tech folks claim
> all is well at their end.
> Is there something I am missing here?
> Here is the conf file:
>
> ....[ conf ]....
>
> socket = l:TCP_NODELAY=1
> socket = r:TCP_NODELAY=1
> client = yes
> output = G:/c/voice/pmmdev/testcase/bin/stunnel.log
> verify = 0
> debug = 7
> cert = g:/c/voice/pmmdev/testcase/bin/sma-test.pem
>
> [sbc]
> accept = localhost:6325
> connect = smtp.att.yahoo.com:465
>
> ....[ end conf ]....
>
> ....[ connection log ]....
>
> 2008.11.11 00:14:17 LOG7[223:1737]: sbc accepted FD=15 from
> 127.0.0.1:61053
> 2008.11.11 00:14:17 LOG7[223:1737]: Creating a new thread
> 2008.11.11 00:14:17 LOG7[223:1737]: New thread created
> 2008.11.11 00:14:17 LOG7[251:1737]: sbc started
> 2008.11.11 00:14:17 LOG7[251:1737]: FD 15 in non-blocking mode
> 2008.11.11 00:14:17 LOG7[251:1737]: TCP_NODELAY option set on local socket
> 2008.11.11 00:14:17 LOG5[251:1737]: sbc accepted connection from
> 127.0.0.1:61053
> 2008.11.11 00:14:17 LOG7[251:1737]: FD 16 in non-blocking mode
> 2008.11.11 00:14:17 LOG7[251:1737]: sbc connecting 69.147.64.31:465
> 2008.11.11 00:14:17 LOG7[251:1737]: connect_wait: waiting 10 seconds
> 2008.11.11 00:14:17 LOG7[251:1737]: connect_wait: connected
> 2008.11.11 00:14:17 LOG5[251:1737]: sbc connected remote server from
> 192.168.69.14:61054
> 2008.11.11 00:14:17 LOG7[251:1737]: Remote FD=16 initialized
> 2008.11.11 00:14:17 LOG7[251:1737]: TCP_NODELAY option set on remote
> socket
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): before/connect
> initialization
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client hello A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> hello A
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo!
> Inc./OU=Yahoo/CN=smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> certificate A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> certificate request A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> done A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client certificate A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client key exchange A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> certificate verify A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> change cipher spec A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> finished A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 flush data
> 2008.11.11 00:14:18 LOG7[251:1737]: SSL alert (read): fatal: bad
> certificate
> 2008.11.11 00:14:18 LOG3[251:1737]: SSL_connect: 14094412:
> error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
> 2008.11.11 00:14:18 LOG5[251:1737]: Connection reset: 0 bytes sent to SSL,
> 0 bytes sent to socket
> 2008.11.11 00:14:18 LOG7[251:1737]: sbc finished (0 left)
>
>
> ....[ end log ]....
>
> - --
> jimoe (at) sohnen-moe (dot) com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (OS/2)
>
> iD8DBQFJGe4zzTcr8Prq0ZMRAhSPAJ4h6YHyR+/W5brb7FK1tbbW1zYZ+wCglxpC
> 9k2qqpP2hN99BL0TnsNhlnw=
> =P74g
> -----END PGP SIGNATURE-----
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>
>
--
View this message in context: http://www.nabble.com/Cannot-connect-to-SBC-yahoo-to-send-%28or-telnet%29-tp20449058p20751631.html
Sent from the Stunnel - Users mailing list archive at Nabble.com.
More information about the stunnel-users
mailing list