[stunnel-users] SSL_GET_NEW_SESSION:ssl session id callback failed

DoJo dojo at mailbox.hu
Mon Oct 3 13:57:53 CEST 2005


Hi There,

We have run into "SSL_GET_NEW_SESSION:ssl session id callback failed" error.
Can anyone describe what it means? I didn't find any information about it.
We'd like to use stunnel to secure Oracle SQL*Net communication.
HP-UX server communicates with Win32 clients. We use stunnel standalone not from inetd.
Any help would be appreciated.

Thanks
DoJo


Here is a cut from the log file (level 7):

2005.09.29 11:49:53 LOG5[10388:1]: stunnel 4.09 on hppa2.0w-hp-hpux11.11 PTHREAD+POLL+IPv4+LIBWRAP with OpenSSL 0.9.7e 25 Oct 2004
2005.09.29 11:49:53 LOG7[10388:1]: Snagged 0 random bytes from EGD Socket /var/run/egd-pool
2005.09.29 11:49:53 LOG6[10388:1]: PRNG seeded successfully
2005.09.29 11:49:53 LOG7[10388:1]: Certificate: /opt/iexpress/stunnel/etc/stunnel/..._cert.cer
2005.09.29 11:49:53 LOG7[10388:1]: Key file: /opt/iexpress/stunnel/etc/stunnel/..._privkey.pem
2005.09.29 11:49:53 LOG6[10388:1]: file ulimit = 60 (can be changed with 'ulimit -n')
2005.09.29 11:49:53 LOG6[10388:1]: poll() used - no FD_SETSIZE limit for file descriptors
2005.09.29 11:49:53 LOG5[10388:1]: 27 clients allowed
2005.09.29 11:49:53 LOG7[10388:1]: FD 4 in non-blocking mode
2005.09.29 11:49:53 LOG7[10388:1]: FD 5 in non-blocking mode
2005.09.29 11:49:53 LOG7[10388:1]: FD 6 in non-blocking mode
2005.09.29 11:49:53 LOG7[10388:1]: SO_REUSEADDR option set on accept socket
2005.09.29 11:49:53 LOG7[10388:1]: myapp bound to 0.0.0.0:2000
2005.09.29 11:49:53 LOG7[10389:1]: Created pid file /stunnel.pid
2005.09.30 12:01:47 LOG7[10389:1]: myapp accepted FD=1 from 10.3.125.165:3570
2005.09.30 12:01:47 LOG7[10389:1]: FD 1 in non-blocking mode
2005.09.30 12:01:47 LOG7[10389:2]: myapp started
2005.09.30 12:01:47 LOG5[10389:2]: myapp connected from 10.3.125.165:3570
2005.09.30 12:01:47 LOG7[10389:2]: SSL state (accept): before/accept initialization
2005.09.30 12:01:47 LOG3[10389:2]: SSL_accept: 140B544E: error:140B544E:SSL routines:SSL_GET_NEW_SESSION:ssl session id callback failed
2005.09.30 12:01:47 LOG7[10389:2]: myapp finished (0 left)


Our config file:

cert = /opt/iexpress/stunnel/etc/stunnel/..._cert.cer         # contains the server's signed (by a CA) cert.
key = /opt/iexpress/stunnel/etc/stunnel/..._privkey.pem       # contains the server's private key
service = myapp-ssl
chroot = /var/run/stunnel

pid = /stunnel.pid
setuid = oracle
setgid = oracle

debug = 7
output = stunnel.log

client = no

[myapp]
accept=2000
connect=1521




More information about the stunnel-users mailing list