[stunnel-users] routines:ssl3_read_bytes:sslv3 alert certificate unknown
Ziad Badawi
ZiadR.B at gmail.com
Mon Dec 4 10:24:54 CET 2017
Greetings,
I am trying to capture clear text pcaps from client (browser) - server
(java appserver) traffic.
The java appserver is jboss using https. I'm running jboss and stunnel on
the same machine.
# stunnel.conf
debug = 3
foreground = yes
[jboss]
client = yes
cert= stunnel.pem # generated using makecert.sh
accept = 1234
connect = 127.0.0.1:443
Version:
stunnel 5.44 on x86_64-pc-linux-gnu platform
Compiled/running with OpenSSL 1.0.2k-fips 26 Jan 2017
Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
Global options:
RNDbytes = 64
RNDfile = /dev/urandom
RNDoverwrite = yes
Service-level options:
ciphers = FIPS (with "fips = yes")
ciphers = HIGH:!DH:!aNULL:!SSLv2 (with "fips = no")
curve = prime256v1
debug = daemon.notice
logId = sequential
options = NO_SSLv2
options = NO_SSLv3
sessionCacheSize = 1000
sessionCacheTimeout = 300 seconds
stack = 65536 bytes
TIMEOUTbusy = 300 seconds
TIMEOUTclose = 60 seconds
TIMEOUTconnect = 10 seconds
TIMEOUTidle = 43200 seconds
verify = none
When I try to test it usng firefox by browsing to https://localhost:1234,
FF returns "Secure Connection Failed" and stunnel spits
2017.12.01 20:35:10 LOG3[0]: SSL_connect: 14094416: error:14094416:SSL
routines:ssl3_read_bytes:sslv3 alert certificate unknown
What am I missing / doing wrong?
Regards
Z
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20171204/9da211dd/attachment.html>
More information about the stunnel-users
mailing list