[stunnel-users] Stunnel supports ECC certificate?

• Previous message (by thread): [stunnel-users] Stunnel supports ECC certificate?
• Next message (by thread): [stunnel-users] STunnel client on Android?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To those who may find it useful:

Mike came to rescure. He provided some new code and gave me the modified
file to try out.

It worked very well so far, problem solved.

He plans to release the change in the next revision.

Thanks a lot Mike.


Robert Bao

> _____________________________________________ 
> From: 	Bao, Robert  
> Sent:	Thursday, June 03, 2010 2:14 PM
> To:	'stunnel-users at mirt.net'
> Subject:	Stunnel supports ECC certificate?
> 
> I searched the entire archive, couldn't find the answer/solution I am
> looking for. I have to post to this group, and appreciate any
> help/suggestion from any you.
> 
> I use the latest 1.0.0 OpenSSL and 4.33 Stunnel.
> 
> I used OpenSSL commands that very similar to what is described in the
> following link to create the ECC certificate and the private key file.
> http://src.opensolaris.org/source/xref/sfw/usr/src/lib/openssl/openssl
> -0.9.8n/demos/ssltest-ecc/ECC-RSAcertgen.sh
> 
> Start Stunnel, see the following errors:
> Key file: (actual path to the private key file)\HOST.KEY
> error stack: 140B3009 : error:140B3009:SSL
> routines:SSL_CTX_use_RSAPrivateKey_file:PEM lib
> SSL_CTX_use_RSAPrivateKey_file: 607907F: error:0607907F:digital
> envelope routines:EVP_PKEY_get1_RSA:expecting an rsa key
> 
> There was a similar posting 4-5 years ago, and Mike answered it (the
> answer was: Stunnel didn't support ECC at that time).
> http://stunnel.mirt.net/pipermail/stunnel-users/2005-October/000817.ht
> ml
> 
> Seems like this is still true today. Then, when the ECC support will
> be added to Stunnel?
> 
> If Stunnel already supports ECC certificate, how do I make it work?
> 
> Thanks.
> 
> Robert Bao
> Software House
> Tyco International
> 978-577-4202
> 
> Explore our new Tyco Online Learning Center Web-based Training Bundles
> at: www.swhouse.com/support/tyco_online_learning_center.aspx
> 
> This e-mail may contain or have attached to it information or
> technology the export or re-export of which is restricted by U.S. laws
> and regulations. By viewing this e-mail and any attachments, the
> recipient agrees to the following: (i) the recipient's use of the
> contents of this e-mail and any attachments shall comply with all
> applicable laws, rules and regulations, including, without limitation,
> U.S. international trade laws and regulations, and (ii) the recipient
> may not transfer or otherwise export or re-export any information or
> technology contained in this e-mail or any attachment except in full
> compliance with the export controls administered by the U.S. and other
> countries and any applicable import and use restrictions. 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20100608/286f00a9/attachment.html>

• Previous message (by thread): [stunnel-users] Stunnel supports ECC certificate?
• Next message (by thread): [stunnel-users] STunnel client on Android?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]