[stunnel-users] some version issue

Sergey Pimenov spimenovv at gmail.com
Thu Oct 25 09:08:41 CEST 2012


Hello, I have a little problem, working with stunnel.

The problem is:

25 10:50:53 LOG3[2612:1972]: SSL_connect: 1408F10B: error:1408F10B:SSL
routines:SSL3_GET_RECORD:wrong version number

and the full log:

25 10:50:32 LOG7[2612:2988]: No limit detected for the number of clients
2012.10.25 10:50:32 LOG5[2612:2988]: stunnel 4.53 on x86-pc-mingw32-gnu
platform
2012.10.25 10:50:32 LOG5[2612:2988]: Compiled/running with OpenSSL
0.9.8s-fips 4 Jan 2012
2012.10.25 10:50:32 LOG5[2612:2988]: Threading:WIN32 SSL:+ENGINE+OCSP+FIPS
Auth:none Sockets:SELECT+IPv6
2012.10.25 10:50:32 LOG5[2612:2988]: Reading configuration from file
stunnel.conf
2012.10.25 10:50:33 LOG5[2612:2988]: FIPS mode is enabled
2012.10.25 10:50:33 LOG7[2612:2988]: Compression not enabled
2012.10.25 10:50:33 LOG7[2612:2988]: PRNG seeded successfully
2012.10.25 10:50:33 LOG6[2612:2988]: Initializing service section [POS]
2012.10.25 10:50:33 LOG7[2612:2988]: Certificate:
C:\Arcus2\SSL\pos3135pem.pem
2012.10.25 10:50:33 LOG7[2612:2988]: Certificate loaded
2012.10.25 10:50:33 LOG7[2612:2988]: Key file: C:\Arcus2\SSL\pos3135key.pem
2012.10.25 10:50:33 LOG7[2612:2988]: Private key loaded
2012.10.25 10:50:33 LOG7[2612:2988]: SSL options set: 0x00000004
2012.10.25 10:50:33 LOG5[2612:2988]: Configuration successful
2012.10.25 10:50:33 LOG7[2612:2988]: Service [POS] (FD=180) bound to
127.0.0.1:9021
2012.10.25 10:50:53 LOG7[2612:2988]: Service [POS] accepted (FD=260) from
127.0.0.1:3645
2012.10.25 10:50:53 LOG7[2612:2988]: Creating a new thread
2012.10.25 10:50:53 LOG7[2612:2988]: New thread created
2012.10.25 10:50:53 LOG7[2612:1972]: Service [POS] started
2012.10.25 10:50:53 LOG5[2612:1972]: Service [POS] accepted connection from
127.0.0.1:3645
2012.10.25 10:50:53 LOG6[2612:1972]: connect_blocking: connecting
217.69.205.63:9021
2012.10.25 10:50:53 LOG7[2612:1972]: connect_blocking: s_poll_wait
217.69.205.63:9021: waiting 10 seconds
2012.10.25 10:50:53 LOG5[2612:1972]: connect_blocking: connected
217.69.205.63:9021
2012.10.25 10:50:53 LOG5[2612:1972]: Service [POS] connected remote server
from 213.156.128.147:3646
2012.10.25 10:50:53 LOG7[2612:1972]: Remote socket (FD=284) initialized
2012.10.25 10:50:53 LOG3[2612:1972]: SSL_connect: 1408F10B:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2012.10.25 10:50:53 LOG5[2612:1972]: Connection reset: 0 byte(s) sent to
SSL, 0 byte(s) sent to socket
2012.10.25 10:50:53 LOG7[2612:1972]: Remote socket (FD=284) closed
2012.10.25 10:50:53 LOG7[2612:1972]: Local socket (FD=260) closed
2012.10.25 10:50:53 LOG7[2612:1972]: Service [POS] finished (0 left)

my .conf file is:

cert = C:\Arcus2\SSL\pos3135pem.pem
key = C:\Arcus2\SSL\pos3135key.pem
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
CAfile = C:\Arcus2\SSL\cacert.pem
debug = 7
output = stunnel.log
[POS]
client = yes
accept = 127.0.0.1:9021
connect = xxx.xxx.xxx.xxx:9021

if I change conf file, adding sslVersion = all or sslVersion = SSLv3, I
have another error

Section POS: sslVersion = TLSv1 is required in FIPS mode

Thank your for help,
Sergey Pimenov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20121025/9e77087b/attachment.html>


More information about the stunnel-users mailing list