[stunnel-users] server does not send its cert?

Keresztfalvi Laszlo lkereszt at gmail.com
Tue Feb 14 13:29:43 CET 2012


Jose,

Oh, yeah! This solved the problem!

Actually, *fips = no* alone was enough to let the certs meet.

Previously, I just didn't bothered the FIPS setting since I couldn't
imagine that non-approved protocols would be used or any crypto/algo
deviances would show up.. in such a simple case :) It was very frustrating
that the OpenSSL test commands (s_server, s_client) worked.

You may leave this solution visible for Google or extend the documentation
/ FAQ  to help others.. No relevant document showed up for the next search
strings:
SSL3_GET_CERTIFICATE_REQUEST:tls client cert req with anon cipher
SSL3_READ_BYTES:sslv3 alert unexpected message

Thank you very very much!
Laszlo


On Tue, Feb 14, 2012 at 12:06, <josealf at rocketmail.com> wrote:

> Laszlo,
>
> Please add
>
>  key=stunnel.pem
>  fips=no
>
>  to your config files.
> Make sure stunnel.pem contains the certifcate and private key for each
> computer. Try again and let us know the results.
>
> Regards
> Jose
>
> -----Original Message-----
> From: Keresztfalvi Laszlo <lkereszt at gmail.com>
> Sender: stunnel-users-bounces at stunnel.org
> Date: Tue, 14 Feb 2012 10:05:15
> To: <stunnel-users at stunnel.org>
> Subject: [stunnel-users] server does not send its cert?
>
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20120214/ce2e19d4/attachment.html>


More information about the stunnel-users mailing list