[stunnel-users] Multiple Domains for https

Thomas Manson dev.mansonthomas at gmail.com
Thu Feb 23 00:38:53 CET 2012


Hello,

 Sorry for the delay, so many things to do and I had trouble getting
extra IPs from my ISP.

  Now that these things are sorted, I have an issue when I add one more domain.

  The CRT file is generated by my registrar. If it's in the wrong format,
how can I convert it?


root@ns0:/var/log/stunnel4# service stunnel4 start
Starting SSL tunnels: [Started: /etc/stunnel/base.conf] Reading configuration from file /etc/stunnel/mansonthomas.com.conf
Snagged 64 random bytes from /dev/urandom
PRNG seeded successfully
Using DH parameters from /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
DH initialized with 2048 bit key
ECDH initialized
Certificate: /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
Certificate loaded
Key file: /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
error queue: 140B0009 : error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line
[Failed: /etc/stunnel/mansonthomas.com.conf]
You should check that you have specified the pid= in you configuration file

The CRT file looks like this:
root@ns0:/etc/stunnel/sites/mansonthomas.com# cat mansonthomas.com.crt
-----BEGIN CERTIFICATE-----
MIIE3zCCA8egCwIBAgIRAJhidFW4DBk0X/aIvC6ZYNUwDQYJKoZIhvcNAQEF
BQAw4TELMAkGA1aEBhMCRlIxEjAQBgNVBAoTCUdBTkR34FNBUzEeMBwGA1UE
AxMVR2FuZGkgU3RhbZRhc1QgU1NMIENBMB4XDTExGTAxNDAwPDAwMFoXDTE
...

DbAzOLhzx0BQKBZHtNzCDD9kwPYg4w4PhVcgTTrLkNdcr3Fh
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
.....
-----END DH PARAMETERS-----




/etc/stunnel/base.conf
====================================

root@ns0:/etc/stunnel# cat base.conf
debug = 7


sslVersion = SSLv3
cert=/etc/stunnel/sites/mysite.com/mysite.com.crt
key=/etc/stunnel/sites/mysite.com/mysite.com.key


; security enhancements for UNIX systems
; for chroot a copy of some devices and files is needed within the jail
;chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
; PID is created inside the chroot jail
pid = /stunnel4.pid


socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
output = /var/log/stunnel.log

[https-mysite.com]
accept=88.190.17.222:443
connect=127.0.0.1:82
====================================


root@ns0:/etc/stunnel# cat mansonthomas.com.conf
====================================
[mansonthomas.com]
cert          = /etc/stunnel/sites/mansonthomas.com/mansonthomas.com.crt
accept        = 88.190.217.117:443
connect       = 127.0.0.1:82

TIMEOUTclose  = 0
====================================


Strangely, there is no file /var/log/stunnel.log
but a 0 length file in /var/log/stunnel4/stunnel.log

root@ns0:/etc/stunnel# ll /var/log/stunnel4/stunnel.log
-rw-r--r-- 1 stunnel4 stunnel4 0 2012-01-17 20:31 /var/log/stunnel4/stunnel.log


Any idea?

Regards,
Thomas.

On Sat, Feb 11, 2012 at 13:34, <josealf at rocketmail.com> wrote:

> Thomas,
>
> Your config looks fine.  If not working, Set debug=7 in stunnel.conf and
> post your log.
>
> Jose
> -----Original Message-----
> From: Thomas Manson <dev.mansonthomas at gmail.com>
> Sender: stunnel-users-bounces at stunnel.org
> Date: Fri, 10 Feb 2012 22:09:38
> To: <stunnel-users at stunnel.org>
> Subject: [stunnel-users]  Multiple Domains for https
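Added example, not part of the original post or of stunnel itself: in the startup log above, "Key file:" shows the same .crt path as "Certificate:", because a service section that sets cert but no key makes stunnel read the private key from the cert file. The Python check below applies that fallback to a single-service config and lists the PEM blocks in the file that will be used as the key. The sample PEM bodies and the .key path are constructed assumptions.

```python
import re

# PEM labels that mark a private key block.
PRIVATE_KEY_LABELS = {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY",
                      "DSA PRIVATE KEY", "ENCRYPTED PRIVATE KEY"}
BEGIN_RE = re.compile(r"^-----BEGIN ([A-Z0-9 ]+)-----\s*$", re.M)

def pem_labels(text):
    """Return the labels of all properly closed PEM blocks, in file order."""
    labels = []
    for m in BEGIN_RE.finditer(text):
        label = m.group(1)
        if f"-----END {label}-----" in text[m.end():]:
            labels.append(label)
    return labels

def effective_key_file(conf_text):
    """Return (cert, key) for a single-service config; key defaults to cert."""
    opts = {}
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line[0] in ";[" or "=" not in line:
            continue  # skip blanks, comments and section headers
        name, value = (s.strip() for s in line.split("=", 1))
        opts[name.lower()] = value
    cert = opts.get("cert")
    return cert, opts.get("key", cert)

def check(conf_text, files):
    """Return 'ok' or a message naming the file that lacks a private key."""
    _, key = effective_key_file(conf_text)
    labels = pem_labels(files.get(key, ""))
    if PRIVATE_KEY_LABELS & set(labels):
        return "ok"
    return f"{key} has no private key block (found: {labels})"

# Constructed sample data; the base64 bodies are placeholders, not real keys.
P = "/etc/stunnel/sites/mansonthomas.com/mansonthomas.com"
BODY = "Q09OU1RSVUNURUQ=\n"
CRT = ("-----BEGIN CERTIFICATE-----\n" + BODY + "-----END CERTIFICATE-----\n"
       "-----BEGIN DH PARAMETERS-----\n" + BODY + "-----END DH PARAMETERS-----\n")
KEY = "-----BEGIN PRIVATE KEY-----\n" + BODY + "-----END PRIVATE KEY-----\n"
BROKEN_CONF = (f"[mansonthomas.com]\ncert = {P}.crt\n"
               "accept = 88.190.217.117:443\nconnect = 127.0.0.1:82\n")
FIXED_CONF = BROKEN_CONF + f"key = {P}.key\n"  # hypothetical key path
FILES = {P + ".crt": CRT, P + ".key": KEY}

if __name__ == "__main__":
    print(check(BROKEN_CONF, FILES))
    print(check(FIXED_CONF, FILES))
```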