<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:#0563C1;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:#954F72;
        text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {mso-style-priority:34;
        margin-top:0in;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:.5in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
p.msonormal0, li.msonormal0, div.msonormal0
        {mso-style-name:msonormal;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
span.EmailStyle19
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
span.EmailStyle20
        {mso-style-type:personal-reply;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:1019047449;
        mso-list-type:hybrid;
        mso-list-template-ids:-1362040460 67698705 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
        {mso-level-text:"%1\)";
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level2
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level3
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l0:level4
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level5
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level6
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
@list l0:level7
        {mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level8
        {mso-level-number-format:alpha-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;}
@list l0:level9
        {mso-level-number-format:roman-lower;
        mso-level-tab-stop:none;
        mso-level-number-position:right;
        text-indent:-9.0pt;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><a name="_MailEndCompose">Issue resolved. I was overthinking it, once I used cert=/path/to/file.p12, and let stunnel prompt for password, it all worked.<o:p></o:p></a></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><b><span style="color:black">Liz Turi</span></b></span><span style="mso-bookmark:_MailEndCompose"><span style="color:black"><o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="color:black">Sr. Consultant<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="color:black">Massachusetts
</span></span><span style="mso-bookmark:_MailEndCompose"><span style="color:red">e</span></span><span style="mso-bookmark:_MailEndCompose"><span style="color:black">Health Collaborative</span></span><span style="mso-bookmark:_MailEndCompose"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="color:black">860 Winter Street, Waltham, MA 02451<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="color:black">(m) 339-222-6614 (o) 781-907-7204 (f) 781-207-8589<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"></span><a href="http://www.maehc.org"><span style="mso-bookmark:_MailEndCompose"><span style="color:blue">www.maehc.org</span></span><span style="mso-bookmark:_MailEndCompose"></span></a><span style="mso-bookmark:_MailEndCompose"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"></span><a href="https://www.facebook.com/massachusettsehealthcollab?fref=nf"><span style="mso-bookmark:_MailEndCompose"><span style="color:blue;text-decoration:none"><img border="0" width="24" height="24" style="width:.25in;height:.25in" id="_x0000_i1030" src="cid:image004.png@01D2E434.B46B2A00" alt="fb_icon"></span></span><span style="mso-bookmark:_MailEndCompose"></span></a><span style="mso-bookmark:_MailEndCompose"></span><a href="https://www.linkedin.com/company/massachusetts-ehealth-collaborative?trk=tyah&trkInfo=clickedVertical%3Acompany%2Cidx%3A1-1-1%2CtarId%3A1432746657126%2Ctas%3AMassachusetts+eHEalth"><span style="mso-bookmark:_MailEndCompose"><span style="color:blue;text-decoration:none"><img border="0" width="24" height="24" style="width:.25in;height:.25in" id="_x0000_i1029" src="cid:image005.png@01D2E434.B46B2A00" alt="li_icon"></span></span><span style="mso-bookmark:_MailEndCompose"></span></a><span style="mso-bookmark:_MailEndCompose"></span><a href="https://twitter.com/MAeHC_org"><span style="mso-bookmark:_MailEndCompose"><span style="color:blue;text-decoration:none"><img border="0" width="24" height="24" style="width:.25in;height:.25in" id="_x0000_i1028" src="cid:image006.png@01D2E434.B46B2A00" alt="tw_icon"></span></span><span style="mso-bookmark:_MailEndCompose"></span></a><span style="mso-bookmark:_MailEndCompose"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><o:p> </o:p></span></p>
<span style="mso-bookmark:_MailEndCompose"></span>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Liz Turi <br>
<b>Sent:</b> Tuesday, June 13, 2017 8:40 AM<br>
<b>To:</b> 'stunnel-users@stunnel.org' <stunnel-users@stunnel.org><br>
<b>Subject:</b> Configuring stunnel and openssl on Windows to support TLS 1.2<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Good morning,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’m hoping you can help point me in the right direction. The problem I’m trying to solve is enabling TLS 1.2 connections on a Windows (environment has both Windows 2008 and Windows 10 environments) platform. Currently, my private keys are
 managed by the Windows certificate store, using the capi engineId within stunnel (v 5.41), which uses OpenSSL 1.0.1. Because of this, stunnel can only negotiate a TLS 1.1 connection.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’ve tried compiling OpenSSL 1.1.0f and stunnel 5.41, but no luck either cross compiling under CentOS, nor under Windows using either MSYS2/MINGW32 or Cygwin.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">What I’m looking for is any one of the following<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l0 level1 lfo2"><![if !supportLists]><span style="mso-list:Ignore">1)<span style="font:7.0pt "Times New Roman"">     
</span></span><![endif]>solid current cross-compiling examples or references <o:p>
</o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l0 level1 lfo2"><![if !supportLists]><span style="mso-list:Ignore">2)<span style="font:7.0pt "Times New Roman"">     
</span></span><![endif]>solid current Windows compiling examples or references using extant versions<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l0 level1 lfo2"><![if !supportLists]><span style="mso-list:Ignore">3)<span style="font:7.0pt "Times New Roman"">     
</span></span><![endif]>a way to manage the pfx/p12 (private key) in stunnel without resorting to the Windows certificate store.<o:p></o:p></p>
<p class="MsoListParagraph"><o:p> </o:p></p>
<p class="MsoNormal">Option 3 is preferred. I see how to manage pkcs11, but not pkcs12.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thank you in advance!<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><b><span style="color:black">Liz Turi</span></b><span style="color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black">Sr. Consultant<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black">Massachusetts </span><span style="color:red">e</span><span style="color:black">Health Collaborative</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:black">860 Winter Street, Waltham, MA 02451<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:black">(m) 339-222-6614 (o) 781-907-7204 (f) 781-207-8589<o:p></o:p></span></p>
<p class="MsoNormal"><a href="http://www.maehc.org"><span style="color:blue">www.maehc.org</span></a><o:p></o:p></p>
<p class="MsoNormal"><a href="https://www.facebook.com/massachusettsehealthcollab?fref=nf"><span style="color:blue;text-decoration:none"><img border="0" width="24" height="24" style="width:.25in;height:.25in" id="Picture_x0020_1" src="cid:image007.png@01D2E434.B46B2A00" alt="fb_icon"></span></a><a href="https://www.linkedin.com/company/massachusetts-ehealth-collaborative?trk=tyah&trkInfo=clickedVertical%3Acompany%2Cidx%3A1-1-1%2CtarId%3A1432746657126%2Ctas%3AMassachusetts+eHEalth"><span style="color:blue;text-decoration:none"><img border="0" width="24" height="24" style="width:.25in;height:.25in" id="Picture_x0020_2" src="cid:image008.png@01D2E434.B46B2A00" alt="li_icon"></span></a><a href="https://twitter.com/MAeHC_org"><span style="color:blue;text-decoration:none"><img border="0" width="24" height="24" style="width:.25in;height:.25in" id="Picture_x0020_3" src="cid:image009.png@01D2E434.B46B2A00" alt="tw_icon"></span></a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p><br>
CONFIDENTIALITY NOTICE<br>
The information contained in this email transmission is legally privileged and confidential information intended only for the use of the addressee named above. If the reader of this message is not the intended recipient you are hereby notified that any dissemination,
 distribution or copying of this email transmission is strictly prohibited. If you have received this email transmission in error, please notify us immediately. Thank you.</p>
</body>
</html>