[stunnel-users] trouble getting started with stunnel

• Previous message (by thread): [stunnel-users] Stunnel 4.19 released
• Next message (by thread): [stunnel-users] Error when I try adding compression to stunnel.conf
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I've read the fine manual, and spent quite a while experimenting, but
still have not managed to get stunnel to actually run.  I have tried my
own from-scratch configuration file, as well as a modified version of
stunnel.conf-sample, with the same result, which is currently:

2006.11.13 16:18:16 LOG3[14237:2684415384]: error stack: 140B3009 :
error:140B3009:SSL routines:SSL_CTX_use_RSAPrivateKey_file:PEM lib
2006.11.13 16:18:16 LOG3[14237:2684415384]:
SSL_CTX_use_RSAPrivateKey_file: 906D06C: error:0906D06C:PEM
routines:PEM_read_bio:no start line

Note that this is when running stunnel with sudo (since it needs root
privs to read my certificate file -- cert.pem -- and I imagine may need
them for other things too).  If I turn the Debug option up to 7, then I
get a few lines about the PRNG, followed by

2006.11.13 16:21:33 LOG7[14249:2684415384]: Certificate:
/usr/local/etc/stunnel/cert.pem
2006.11.13 16:21:33 LOG7[14249:2684415384]: Certificate loaded
2006.11.13 16:21:33 LOG7[14249:2684415384]: Key file:
/usr/local/etc/stunnel/cert.pem
2

and then followed by the same errors as above.

I'm running under OS X 10.4.8, compiled and installed stunnel-4.19 just
today, and I have a key.pem and cert.pem obtained from StartCom.  Note
that the above errors were obtained with no "key=" line in my .conf
file; it wasn't clear to me if I need that for my goal (which is
layering HTTPS service over my existing HTTP server).  But I also tried
specifying the path to my key.pem, and that results in different errors:

2006.11.13 16:24:29 LOG7[14259:2684415384]: Key file:
/usr/local/etc/stunnel/key.pem
2006.11.13 16:24:29 LOG3[14259:2684415384]: error stack: 140B3009 :
error:140B3009:SSL routines:SSL_CTX_use_RSAPrivateKey_file:PEM lib
2006.11.13 16:24:29 LOG3[14259:2684415384]: error stack: 906A065 :
error:0906A065:PEM routines:PEM_do_header:bad decrypt
2006.11.13 16:24:29 LOG3[14259:2684415384]: error stack: 6065064 :
error:06065064:digital envelope routines:EVP_DecryptFinal:bad decrypt
2006.11.13 16:24:29 LOG3[14259:2684415384]: Wrong pass phrase: retrying
2006.11.13 16:24:29 LOG3[14259:2684415384]: error stack: 140B3009 :
error:140B3009:SSL routines:SSL_CTX_use_RSAPrivateKey_file:PEM lib
2006.11.13 16:24:29 LOG3[14259:2684415384]: error stack: 906A065 :
error:0906A065:PEM routines:PEM_do_header:bad decrypt
2006.11.13 16:24:29 LOG3[14259:2684415384]:
SSL_CTX_use_RSAPrivateKey_file: 6065064: error:06065064:digital
envelope routines:EVP_DecryptFinal:bad decrypt

..of course, it never asked me for my pass phrase, so maybe it's not
surprising that whatever it's using is wrong.  But I don't see how to
make it ask me for one.  Can anyone give me a clue?

Thanks,
- Joe





--

• Previous message (by thread): [stunnel-users] Stunnel 4.19 released
• Next message (by thread): [stunnel-users] Error when I try adding compression to stunnel.conf
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]