[stunnel-users] Cannot connect to SBC/yahoo to send (or telnet)

• Previous message (by thread): [stunnel-users] Cannot connect to SBC/yahoo to send (or telnet)
• Next message (by thread): [stunnel-users] Help - Getting stunnel compiled on windows and using a patch
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Try the option
sslVersion=TLSv1

2008/11/11 James Moe <jimoe at sohnen-moe.com>

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
>  (I sent this yesterday but that one seems to have gotten lost....)
>  Stunnel v4.20.
>  When connecting to SBC/Yahoo, the session is terminated
> with a "bad certificate" message. See the log below. The tech folks claim
> all is well at their end.
>  Is there something I am missing here?
>  Here is the conf file:
>
> ....[ conf ]....
>
> socket = l:TCP_NODELAY=1
> socket = r:TCP_NODELAY=1
> client = yes
> output = G:/c/voice/pmmdev/testcase/bin/stunnel.log
> verify = 0
> debug  = 7
> cert   = g:/c/voice/pmmdev/testcase/bin/sma-test.pem
>
> [sbc]
>  accept  = localhost:6325
>  connect = smtp.att.yahoo.com:465
>
> ....[ end conf ]....
>
> ....[ connection log ]....
>
> 2008.11.11 00:14:17 LOG7[223:1737]: sbc accepted FD=15 from
> 127.0.0.1:61053
> 2008.11.11 00:14:17 LOG7[223:1737]: Creating a new thread
> 2008.11.11 00:14:17 LOG7[223:1737]: New thread created
> 2008.11.11 00:14:17 LOG7[251:1737]: sbc started
> 2008.11.11 00:14:17 LOG7[251:1737]: FD 15 in non-blocking mode
> 2008.11.11 00:14:17 LOG7[251:1737]: TCP_NODELAY option set on local socket
> 2008.11.11 00:14:17 LOG5[251:1737]: sbc accepted connection from
> 127.0.0.1:61053
> 2008.11.11 00:14:17 LOG7[251:1737]: FD 16 in non-blocking mode
> 2008.11.11 00:14:17 LOG7[251:1737]: sbc connecting 69.147.64.31:465
> 2008.11.11 00:14:17 LOG7[251:1737]: connect_wait: waiting 10 seconds
> 2008.11.11 00:14:17 LOG7[251:1737]: connect_wait: connected
> 2008.11.11 00:14:17 LOG5[251:1737]: sbc connected remote server from
> 192.168.69.14:61054
> 2008.11.11 00:14:17 LOG7[251:1737]: Remote FD=16 initialized
> 2008.11.11 00:14:17 LOG7[251:1737]: TCP_NODELAY option set on remote socket
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): before/connect
> initialization
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client hello A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> hello A
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=
> smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=
> smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=
> smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=
> smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY IGNORE: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=
> smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG5[251:1737]: VERIFY OK: depth=0,
> /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=
> smtp.att.yahoo.com
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> certificate A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> certificate request A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 read server
> done A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client certificate A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> client key exchange A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> certificate verify A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> change cipher spec A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 write
> finished A
> 2008.11.11 00:14:17 LOG7[251:1737]: SSL state (connect): SSLv3 flush data
> 2008.11.11 00:14:18 LOG7[251:1737]: SSL alert (read): fatal: bad
> certificate
> 2008.11.11 00:14:18 LOG3[251:1737]: SSL_connect: 14094412:
> error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
> 2008.11.11 00:14:18 LOG5[251:1737]: Connection reset: 0 bytes sent to SSL,
> 0 bytes sent to socket
> 2008.11.11 00:14:18 LOG7[251:1737]: sbc finished (0 left)
>
>
> ....[ end log ]....
>
> - --
> jimoe (at) sohnen-moe (dot) com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (OS/2)
>
> iD8DBQFJGe4zzTcr8Prq0ZMRAhSPAJ4h6YHyR+/W5brb7FK1tbbW1zYZ+wCglxpC
> 9k2qqpP2hN99BL0TnsNhlnw=
> =P74g
> -----END PGP SIGNATURE-----
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>



-- 
Christophe Nanteuil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20081112/346485b5/attachment.html>

• Previous message (by thread): [stunnel-users] Cannot connect to SBC/yahoo to send (or telnet)
• Next message (by thread): [stunnel-users] Help - Getting stunnel compiled on windows and using a patch
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]