[stunnel-users] Configure Error

• Previous message (by thread): [stunnel-users] Configure Error
• Next message (by thread): [stunnel-users] Configure Error
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 12, 2017 at 5:22 PM, Kenway Ng <kenwayng at gmail.com> wrote:

>
> I am trying to upgrade our version of stunnel.  Our SME left and now I am
> trying to upgrade stunnel to fix a vulnerability .  I am being told to use
> TLS1.1 or higher
>
> $ ./stunnel -version
>
> stunnel 4.15 on x86_64-redhat-linux-gnu with OpenSSL 0.9.8e-fips-rhel5 01
> Jul 2008
>
> Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
>
>
>

​I don't have RHEL5 64-bit but these links may help:

https://miteshshah.github.io/linux/centos/how-to-enable-openssl-1-0-2-a-tlsv1-1-and-tlsv1-2-on-centos-5-and-rhel5/

http://serverfault.com/questions/296765/cannot-find-ssl-libraries-when-configuring-stunnel​

​These links involve re-compiling OpenSSL and Stunnel, in that order. I
would opt for OpenSSL 1.0.2k (latest as of 20170412) since 1.0.1 and below
are all EOL as of 12/31/2016. OpenSSL 0.9.8 supports only TLS v1.0​,
whereas OpenSSL 1.0.1 supports TLS v1.0, v1.1 and v1.2.

 -Rob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20170412/ff5a5bbd/attachment.html>

• Previous message (by thread): [stunnel-users] Configure Error
• Next message (by thread): [stunnel-users] Configure Error
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]