[stunnel-users] Trying to get stunnel to work for forwarding pop3sto ipop3 port

Van vanyel at medusa.bioc.aecom.yu.edu
Thu Jun 21 20:00:34 CEST 2007


Thanks Gonz. That seems to be all that was needed.

- Van

On Jun 21, 2007, at 12:53 PM, Gonzalo Diethelm wrote:

> I did a simple search on Google for "stunnel Wrong permissions on"  
> and followed the very first link:
>
> http://ipucu.enderunix.org/view.php?id=973&lang=en
>
> "Wrong permissions on /usr/local/etc/stunnel/stunnel.pem" - Ýsmail  
> Yenigül - (2006-03-07 19:12:40)   [1934]
>
> if you get this error message issue the following command to fix  
> the permission.
>
> # chmod 600 /usr/local/etc/stunnel/stunnel.pem
>
> HTH. Regards.
>
> On Thu, 2007-06-21 at 12:23 -0400, Van wrote:
>> Getting closer. I now get-
>>
>> [van at mailserver ]$ sudo stunnel /usr/local/etc/stunnel/stunnel.conf
>> localhost:ipop3
>>
>> 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on / 
>> usr/
>> local/etc/stunnel/mail.pem
>> 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on / 
>> usr/
>> local/etc/stunnel/mail.pem
>> 2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on / 
>> usr/
>> local/etc/stunnel/mail.pem
>>
>> But that doesn't make sense to me. mail.pem permissions are the same
>> as my cert's and it works fine.
>>
>> [van at mailserver change_passwd]$ ls -al /usr/local/etc/stunnel/ 
>> mail.pem
>> -rw-r--r--  1 root root 2942 Jun 20 18:21 /usr/local/etc/stunnel/
>> mail.pem
>>
>> [van at mailserver change_passwd]$ ls -al /etc/httpd/certs/www.crt
>> -rw-r--r--  1 root root 1074 Jun  1 12:30 /etc/httpd/certs/www.crt
>>
>> Is the error misleading? Or what should the mail.pem perms be?
>>
>> Van
>>
>>
>>
>> On Jun 20, 2007, at 9:33 PM, Kevin Cook wrote:
>>
>> >
>> > If you are using a stunnel.conf file, I would replace the '-d pop3s
>> > -r'
>> > with the absolute path to the .conf file:
>> >
>> > sudo /usr/local/sbin/stunnel /usr/local/etc/stunnel/stunnel.conf
>> >
>> > I believe command line options were typically used more in older
>> > versions, but now all configuration is done in the configuration  
>> file.
>> >
>> >
>> > Kevin
>> >
>> > -----Original Message-----
>> > From: Van [mailto:vanyel at medusa.bioc.aecom.yu.edu]
>> > Sent: Wednesday, June 20, 2007 6:03 PM
>> > To: stunnel-users at mirt.net
>> > Subject: [stunnel-users] Trying to get stunnel to work for  
>> forwarding
>> > pop3sto ipop3 port
>> >
>> > Hello,
>> >
>> > This is my introduction to stunnel. I've inherited control of a
>> > pop3 and
>> > imap server running Red Hat Linux 4 that I want to access via pop3s
>> > and
>> > imaps. I'm starting out with securing the pop3 since most users are
>> > using it.
>> >
>> > I downloaded stunnel 4.20 and compiled it according to the
>> > instructions
>> > on stunnel.org.
>> >
>> > I read the certificates section of the site and made a new .pem  
>> file
>> > that I named mail.pem and have in the /usr/local/etc/stunnel/
>> > directory
>> > that /usr/local/etc/stunnel/stunnel.conf asks for.  But when I  
>> try to
>> > run stunnel like in the Examples section I get :
>> >
>> > [van at mailserver ~]$ sudo /usr/local/sbin/stunnel -d pop3s -r
>> > localhost:ipop3
>> > 2007.06.20 17:59:54 LOG3[25516:3086419648]: -d: No such file or
>> > directory (2)
>> > Syntax:
>> > stunnel [<filename>] ] -fd <n> | -help | -version | -sockets
>> >      <filename>  - use specified config file instead of /usr/local/
>> > etc/stunnel/stunnel.conf
>> >      -fd <n>     - read the config file from a file descriptor
>> >      -help       - get config file help
>> >      -version    - display version and defaults
>> >      -sockets    - display default socket options
>> >
>> > I'm a little lost here. Never dealt with a .pem file before  
>> stunnel.
>> > I have a self-signed cert I'm successfully using for https  
>> webmail on
>> > the server and guessing stunnel couldn't see that, I appended my  
>> file
>> > 'mailserver.crt' into  my mail.pem file and edited stunnel.conf  
>> so it
>> > has
>> >
>> > ;CAfile = /usr/local/etc/stunnel/certs.pem CAfile =
>> > /usr/local/etc/stunnel/mail.pem
>> >
>> > but no dice. Same result.
>> >
>> > Trying to debug, I find 'stunnel -V' also gives the same result.
>> >
>> > Can someone point out what's going wrong?
>> >
>> >
>> > -Van
>> > _______________________________________________
>> > stunnel-users mailing list
>> > stunnel-users at mirt.net
>> > http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>> >
>> >
>>
>> _______________________________________________
>> stunnel-users mailing list
>> stunnel-users at mirt.net
>> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>>
>
> -- 
> Gonzalo Diethelm
> gonzalo.diethelm at diethelm.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20070621/6b7ecf92/attachment.html>


More information about the stunnel-users mailing list