[stunnel-users] stunnel problem on hp-ux 11.11

matt.miller at accenture.com matt.miller at accenture.com
Wed Sep 13 23:48:10 CEST 2006


System specs: 

HP-UX 11.11

Stunnel 4.15

OpenSSL 0.8.7i

 

 

Config File:

; Certificate/key is needed in server mode and optional in client mode

;cert = /opt/iexpress/stunnel/etc/stunnel/mail.pem

;key = /opt/iexpress/stunnel/etc/stunnel/mail.pem

 

; Some security enhancements for UNIX systems - comment them out on
Win32

;chroot = /opt/iexpress/stunnel/var/lib/stunnel/

;setuid = nobody

;setgid = nogroup

; PID is created inside chroot jail

pid = /tmp/stunnel.pid

 

; Some performance tunings

socket = l:TCP_NODELAY=1

socket = r:TCP_NODELAY=1

;compression = rle

 

; Workaround for Eudora bug

;options = DONT_INSERT_EMPTY_FRAGMENTS

 

; Authentication stuff

;verify = 2

; Don't forget to c_rehash CApath

; CApath is located inside chroot jail

;CApath = /certs

; It's often easier to use CAfile

;CAfile = /opt/iexpress/stunnel/etc/stunnel/certs.pem

; Don't forget to c_rehash CRLpath

; CRLpath is located inside chroot jail

;CRLpath = /crls

; Alternatively you can use CRLfile

;CRLfile = /opt/iexpress/stunnel/etc/stunnel/crls.pem

 

; Some debugging stuff useful for troubleshooting

debug = 7

;foreground = yes

output = stunnel.log

 

; Service-level configuration

 

[pop3s]

; Use it for client mode

client = yes

;accept  = 995

;connect = 110

accept  = localhost:110

connect = POP3S.MAILSERVER:995

 

;[imaps]

;accept  = 993

;connect = 143

 

;[ssmtp]

;accept  = 465

;connect = 25

 

;[https]

;accept  = 443

;connect = 80

;TIMEOUTclose = 0

 

; vim:ft=dosini

 

Problem:

When I try to execute the following command "telnet localhost 110" I get
an entry in the stunnel log file and I am unable to connect to the
secure pop3 server.  I know that this is not a firewall issue because I
can telnet directly to the POP3S.MAILSERVER on port 995 and establish a
connection, I also know that the server works fine because I set up
stunnel on my windows xp machine and that did not have a problem
establishing a connection.  Any help on this issue would be great.

 

 

Here is the log I am getting

2006.08.10 18:23:03 LOG5[16138:1]: stunnel 4.15 on hppa2.0w-hp-hpux11.11
with Op

2006.08.10 09:43:55 LOG5[7158:1]: 2000 clients allowed

2006.08.10 09:43:55 LOG7[7158:1]: FD 4 in non-blocking mode

2006.08.10 09:43:55 LOG7[7158:1]: FD 5 in non-blocking mode

2006.08.10 09:43:55 LOG7[7158:1]: FD 6 in non-blocking mode

2006.08.10 09:43:55 LOG7[7158:1]: SO_REUSEADDR option set on accept
socket

2006.08.10 09:43:55 LOG7[7158:1]: pop3s bound to 127.0.0.1:110

2006.08.10 09:43:55 LOG7[7263:1]: Created pid file /tmp/stunnel.pid

2006.08.10 16:15:45 LOG7[7263:1]: pop3s accepted FD=0 from
127.0.0.1:57040

2006.08.10 16:15:45 LOG3[7263:1]: Connection rejected: create_client
failed

2006.08.10 16:30:34 LOG7[7263:1]: pop3s accepted FD=0 from
127.0.0.1:57156

2006.08.10 16:30:34 LOG3[7263:1]: Connection rejected: create_client
failed

2006.08.10 16:45:34 LOG7[7263:1]: pop3s accepted FD=0 from
127.0.0.1:57275

2006.08.10 16:45:34 LOG3[7263:1]: Connection rejected: create_client
failed

2006.08.10 17:00:36 LOG7[7263:1]: pop3s accepted FD=0 from
127.0.0.1:57401

2006.08.10 17:00:36 LOG3[7263:1]: Connection rejected: create_client
failed

2006.08.10 17:15:36 LOG7[7263:1]: pop3s accepted FD=0 from
127.0.0.1:57506

2006.08.10 17:15:36 LOG3[7263:1]: Connection rejected: create_client
failed

2006.08.10 17:30:35 LOG7[7263:1]: pop3s accepted FD=0 from
127.0.0.1:57614

2006.08.10 17:30:35 LOG3[7263:1]: Connection rejected: create_client
failed

 

 

Matt T. Miller

Accenture

Minneapolis, MN USA

612-277-1826

 

aim:  mttmiller8

email:  matt.miller at accenture.com

 



This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information.  If you have received it in error, please notify the sender immediately and delete the original.  Any other use of the email by you is prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20060913/56fdcf4b/attachment.html>


More information about the stunnel-users mailing list