[stunnel-users] Multiple Domains for https
Thomas Manson
dev.mansonthomas at gmail.com
Thu Feb 23 00:38:53 CET 2012
Hello,
Sorry for the delay, so many things to do and I had trouble getting an
extra IP from my ISP.
Now that these things are sorted, I have an issue when I add one more domain.
The CRT file is generated by my registrar. If it's in the wrong format,
how can I convert it?
root@ns0:/var/log/stunnel4# service stunnel4 start
Starting SSL tunnels: [Started: /etc/stunnel/base.conf] Reading configuration from file /etc/stunnel/mansonthomas.com.conf
Snagged 64 random bytes from /dev/urandom
PRNG seeded successfully
Using DH parameters from /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
DH initialized with 2048 bit key
ECDH initialized
Certificate: /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
Certificate loaded
Key file: /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
error queue: 140B0009 : error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line
[Failed: /etc/stunnel/mansonthomas.com.conf]
You should check that you have specified the pid= in you configuration file
*The CRT file looks like this:*
root@ns0:/etc/stunnel/sites/mansonthomas.com# cat mansonthomas.com.crt
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egCwIBAgIRAJhidFW4DBk0X/aIvC6ZYNUwDQYJKoZIhvcNAQEF
BQAw4TELMAkGA1aEBhMCRlIxEjAQBgNVBAoTCUdBTkR34FNBUzEeMBwGA1UE
AxMVR2FuZGkgU3RhbZRhc1QgU1NMIENBMB4XDTExGTAxNDAwPDAwMFoXDTE
...
DbAzOLhzx0BQKBZHtNzCDD9kwPYg4w4PhVcgTTrLkNdcr3Fh
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
.....
-----END DH PARAMETERS-----
/etc/stunnel/base.conf
====================================
root@ns0:/etc/stunnel# cat base.conf
debug = 7
sslVersion = SSLv3
cert=/etc/stunnel/sites/mysite.com/mysite.com.crt
key=/etc/stunnel/sites/mysite.com/mysite.com.key
; security enhancements for UNIX systems
; for chroot a copy of some devices and files is needed within the jail
;chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
; PID is created inside the chroot jail
pid = /stunnel4.pid
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
output = /var/log/stunnel.log
[https-mysite.com]
accept=88.190.17.222:443
connect=127.0.0.1:82
====================================
root@ns0:/etc/stunnel# cat mansonthomas.com.conf
====================================
[mansonthomas.com]
cert = /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
accept = 88.190.217.117:443
connect = 127.0.0.1:82
TIMEOUTclose = 0
====================================
Strangely, there is no file /var/log/stunnel.log
but a 0 length file in /var/log/stunnel4/stunnel.log
root@ns0:/etc/stunnel# ll /var/log/stunnel4/stunnel.log
-rw-r--r-- 1 stunnel4 stunnel4 0 2012-01-17 20:31 /var/log/stunnel4/stunnel.log
Any idea?
Regards,
Thomas.
On Sat, Feb 11, 2012 at 13:34, <josealf at rocketmail.com> wrote:
> Thomas,
>
> Your config looks fine. If not working, set debug=7 in stunnel.conf and
> post your log.
>
> Jose
> -----Original Message-----
> From: Thomas Manson <dev.mansonthomas at gmail.com>
> Sender: stunnel-users-bounces at stunnel.org
> Date: Fri, 10 Feb 2012 22:09:38
> To: <stunnel-users at stunnel.org>
> Subject: [stunnel-users] Multiple Domains for https
>
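Added example, not part of the original post or of stunnel: the log above shows stunnel reading the key from the same .crt file named in cert= and OpenSSL reporting "no start line". This Python sketch works out which file each service's key is read from and lists the PEM block labels in that file. The sample config and PEM text are constructed, and the fallback of key= to cert= is an assumption taken from the "Key file:" line in that log.

```python
import re

# Matches the "-----BEGIN <LABEL>-----" line that opens each PEM block.
PEM_BEGIN = re.compile(r"^-----BEGIN ([A-Z0-9 ]+)-----\s*$", re.MULTILINE)

def pem_labels(text):
    """Return the labels of all PEM blocks in text, in file order."""
    return PEM_BEGIN.findall(text)

def has_private_key(text):
    """True if any block is a private key (RSA, EC, PKCS#8, encrypted)."""
    return any(label.endswith("PRIVATE KEY") for label in pem_labels(text))

def effective_key_files(conf_text):
    """Map each [service] of a stunnel config to the file its key is read from.
    Assumption: options before the first [section] act as defaults, and a
    missing key= falls back to the cert= file, as the log in the post shows."""
    defaults, services, current = {}, {}, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "#")):
            continue  # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            current = services.setdefault(line[1:-1], dict(defaults))
            continue
        name, sep, value = line.partition("=")
        if sep:
            target = defaults if current is None else current
            target[name.strip().lower()] = value.strip()
    return {s: o.get("key", o.get("cert")) for s, o in services.items()}

# Constructed sample input modelled on the files quoted in the post.
SAMPLE_CONF = """\
[mansonthomas.com]
cert = /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
connect = 127.0.0.1:82
"""
SAMPLE_CRT = """\
-----BEGIN CERTIFICATE-----
(constructed placeholder body)
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
(constructed placeholder body)
-----END DH PARAMETERS-----
"""

if __name__ == "__main__":
    for service, path in effective_key_files(SAMPLE_CONF).items():
        print(service, "reads its key from", path)
    print(pem_labels(SAMPLE_CRT), "private key:", has_private_key(SAMPLE_CRT))
```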