[stunnel-users] Going from 3.x command line to 4.x .conf file

Thomas Gagné tgagne at gagne.homedns.org
Wed Aug 25 03:33:39 CEST 2004

I'm having a problem connecting with sourcehost using stunnel w/ 
configuration files.  The command line version from 3.x works.

Here's the command line for 3.x

    ./stunnel -c -p client.pem -d localhost:2401 -r
    repository.sourcehosting.net:2402 -P none -f -v 3 -A cacert.pem

and the conf file from 4.x

    # Some debugging stuff
    debug = 7
    output = stunnel.log
    # Use it for client mode
    client = yes
    foreground = yes
    verify = 3
    key = client.pem
    cert = cacert.pem
    # Service-level configuration
    accept = 2401

connect = repository.sourcehosting.net:2402
When I run the older version it starts:

    ./stunnel -c -p client.pem -d localhost:2401 -r
    repository.sourcehosting.net:2402 -P none -f -v 3 -A cacert.pem
    2004.08.24 21:30:18 LOG5[2221:16384]: Using
    'repository.sourcehosting.net.2402' as tcpwrapper service name
    Enter PEM pass phrase:
    2004.08.24 21:30:24 LOG5[2221:16384]: Peer certificate location
    2004.08.24 21:30:24 LOG5[2221:16384]: stunnel 3.26 on
    i686-pc-linux-gnu PTHREAD with OpenSSL 0.9.7d 17 Mar 20042004.08.24
    21:30:24 LOG5[2221:16384]: FD_SETSIZE=1024, file ulimit=1024 -> 500
    clients allowed

But when I run the newer version (with .conf) I get:

    2004.08.24 21:31:43 LOG5[2236:4144017536]: stunnel 4.05 on
    i386-redhat-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7a Feb 19 2003
    2004.08.24 21:31:43 LOG7[2236:4144017536]: Snagged 64 random bytes
    from /home/tgagne/.rnd
    2004.08.24 21:31:43 LOG7[2236:4144017536]: Wrote 1024 new random
    bytes to /home/tgagne/.rnd
    2004.08.24 21:31:43 LOG7[2236:4144017536]: RAND_status claims
    sufficient entropy for the PRNG
    2004.08.24 21:31:43 LOG6[2236:4144017536]: PRNG seeded successfully
    2004.08.24 21:31:43 LOG7[2236:4144017536]: Certificate: cacert.pem
    2004.08.24 21:31:43 LOG7[2236:4144017536]: Key file: client.pem
    2004.08.24 21:31:47 LOG3[2236:4144017536]:
    SSL_CTX_use_RSAPrivateKey_file: B080074: error:0B080074:x509
    certificate routines:X509_check_private_key:key values mismatch

I'm using the same cacert.pem and client.pem for both, as well as the 
same passphrase.

More information about the stunnel-users mailing list