[stunnel-users] Can't connect to Yahoo POP3

Gary Kuznitz docfxit at theoffice.la
Sat May 16 01:39:25 CEST 2009 

I made some changes...

On 15 May 2009 at 12:40, stunnel-users at mirt.net (Gary Kuznitz <docfxit at theoffice.la>) commented about Re: [stunnel-users] Can't connect t:

> Thank you for the reply...
> 
> On 15 May 2009 at 20:55, Michal (Michal Trojnara <Michal.Trojnara at mobi-com.net>) commented about Re: [stunnel-users] Can't connect to Yahoo POP3:
> 
> > Gary Kuznitz wrote:
> > > How can I get a god certificate for Stunnel to use?
> > > How would I set that up in Stunnel?
> > 
> > You don't really need a certificate for an SSL client.  Just disable it.
> 
> How can I disable it?
> 
> > You rather want to setup server certificate verification with "CAfile"  
> > and "verify".
> 
> I have un-commented: 
> CAfile = certs.pem
I commented out the above line.
Now I'm getting a new error.  Here is the log:
2009.05.15 16:32:30 LOG7[16267607:16279139]: RAND_status claims sufficient 
entropy for the PRNG
2009.05.15 16:32:30 LOG7[16267607:16279139]: PRNG seeded successfully
2009.05.15 16:32:31 LOG7[16267607:16279139]: Certificate: stunnel.pem
2009.05.15 16:32:31 LOG7[16267607:16279139]: Certificate loaded
2009.05.15 16:32:31 LOG7[16267607:16279139]: Key file: stunnel.pem
2009.05.15 16:32:31 LOG7[16267607:16279139]: Private key loaded
2009.05.15 16:32:31 LOG3[16267607:16279139]: Either CApath or CAfile has to be 
used for authentication

2009.05.15 16:32:31 LOG3[16267607:16279139]: Server is down
> verify = 2
> 
> That gave me an error:
> 2009.05.15 12:38:13 LOG3[16278859:16279139]: Error loading verify certificates 
> from certs.pem
> 2009.05.15 12:38:13 LOG3[16278859:16279139]: error stack: B084002 : 
> error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
> 2009.05.15 12:38:13 LOG3[16278859:16279139]: error stack: 2006D080 : 
> error:2006D080:BIO routines:BIO_new_file:no such file
> 2009.05.15 12:38:13 LOG3[16278859:16279139]: SSL_CTX_load_verify_locations: 
> 2001002: error:02001002:system library:fopen:No such file or directory
> 
> > > ; Some performance tunings
> > > socket = l:TCP_NODELAY=1
> > > socket = r:TCP_NODELAY=1
> > 
> > IMHO it's not a good idea for non-interactive connections, e.g. pop3.
> 
> I will comment out both of the above.
>  
> > > [pop3_DslextremeGmail]
> > > accept   = 127.0.0.1:11010
> > > connect  = pop.gmail.com:995
> > > delay    = yes
> > >
> > > [pop3_Yahoo]
> > > accept  = 127.0.0.1:11011
> > > connect = pop.mail.yahoo.com:995
> > > delay    = yes
> > [cut]
> > > 2009.05.14 15:48:12 LOG7[16278859:16041803]: SSL context initialized  
> > > for service pop3_Docfxit_Yahoo
> > 
> > I guess you use a different configuration file, as pop3_Docfxit_Yahoo  
> > is not defined in the one you sent.
> 
> I'm sorry.  I'm really using  [pop3_Yahoo]
> 
> After I make a change to the conf. file Do I have to re-boot the PC or is it 
> enough to exit out of Stunnel and launch it again?
> 
> Thank you,
> 
> Gary Kuznitz
> 
> > Best regards,
> > 	Mike
> > _______________________________________________
> > stunnel-users mailing list
> > stunnel-users at mirt.net
> > http://stunnel.mirt.net/mailman/listinfo/stunnel-users
> 
>

More information about the stunnel-users mailing list