[stunnel-users] Configuring Stunnel to work between client and server - possible certificate issue
Ludolf Holzheid
lholzheid at bihl-wiedemann.de
Tue May 17 10:01:01 CEST 2016
On Mon, 2016-05-16 16:25:04 +0000, David Faizulaev wrote:
> Hello,
>
> I've found Stunnel as a potential answer to securely moving traffic between two machines.
> But I'm having some difficulties configuring the software.
>
> I've installed it onto the client machine and configured the client to connect to 127.0.0.1:8449 while the Server to which the client needs to connect is 192.168.220.72:8447.
> In the stunnel.conf I've set the following:
>
> [custom]
> accept = 127.0.0.1:8449
> connect = 192.168.220.72:8447
> cert = 220.72.cer
> TIMEOUTclose = 0
>
> Upon initializing Stunnel I get the following error:
>
> 2016.05.16 19:14:04 LOG3[main]: error queue: 140B0009: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
> 2016.05.16 19:14:04 LOG3[main]: SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line

David,

Stunnel doesn't like your key file.

Maybe it's not in PEM format, or it does not contain a private key.

Try to open it with a text editor. There should be lines reading
"-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----"
with some base64 coded stuff in between.

(There also should be a certificate enclosed in
"-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----", but for
now, stunnel is missing the private key.)

HTH,

Ludolf

--
Ludolf Holzheid
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:lholzheid at bihl-wiedemann.de
http://www.bihl-wiedemann.de
Registered office: Mannheim
Managing directors: Jochen Bihl, Bernhard Wiedemann
Mannheim District Court, HRB 5796
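
The text-editor check suggested in the reply above can be scripted. This is an added example, not part of the original thread: it lists the PEM blocks in a file and reports whether a private key and a certificate are present, or whether the file looks like binary DER. The function names and sample data are constructed for illustration.

```python
import re

# PEM armor labels OpenSSL uses for private keys (plain and encrypted).
KEY_LABELS = {"RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY",
              "PRIVATE KEY", "ENCRYPTED PRIVATE KEY"}
PEM_BLOCK = re.compile(
    rb"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S)

def inspect_pem(data: bytes) -> dict:
    """Summarise what a file given to stunnel's cert/key options contains."""
    labels = [m.group(1).decode() for m in PEM_BLOCK.finditer(data)]
    return {
        "labels": labels,
        "has_private_key": any(label in KEY_LABELS for label in labels),
        "has_certificate": "CERTIFICATE" in labels,
        # No armor plus a leading ASN.1 SEQUENCE tag (0x30) suggests DER.
        "looks_like_der": not labels and data[:1] == b"\x30",
    }

def diagnose(data: bytes) -> str:
    """Map the inspection result to the likely cause of the startup error."""
    info = inspect_pem(data)
    if info["looks_like_der"]:
        return "binary DER, not PEM: convert to PEM first"
    if not info["labels"]:
        return "no PEM blocks found ('no start line')"
    if not info["has_private_key"]:
        return "PEM file without a private key: point 'key' at the key file"
    if not info["has_certificate"]:
        return "private key present but no certificate block"
    return "certificate and private key both present"

# Constructed samples (placeholder base64, not real key material).
CERT_ONLY = (b"-----BEGIN CERTIFICATE-----\nTUlJQ2NvbnN0cnVjdGVk\n"
             b"-----END CERTIFICATE-----\n")
COMBINED = CERT_ONLY + (b"-----BEGIN RSA PRIVATE KEY-----\n"
                        b"TUlJRWNvbnN0cnVjdGVk\n"
                        b"-----END RSA PRIVATE KEY-----\n")
DER_LIKE = b"\x30\x82\x03\x1f\x30\x82\x02\x07"

if __name__ == "__main__":
    for name, blob in [("cert only", CERT_ONLY), ("combined", COMBINED),
                       ("DER", DER_LIKE)]:
        print(f"{name}: {diagnose(blob)}")
```

To check a real file, pass its bytes to `diagnose`, for example `diagnose(open("220.72.cer", "rb").read())`.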