[stunnel-users] your mail

Brian Hatch bri at stunnel.org
Thu Jan 10 16:09:46 CET 2008


On or about 2008-01-10 15:34 +0100, khaled45 at free.fr directed:

> Here attached files generated.
> can you  send me the configuration element of SSL and Stunnel or explain me how
> to generate?

You sent the private keys too - you shouldn't do this.  You should
create new keys when done debugging this problem.

I saw only 2 keys - the CA and the stunnel.pem.

Your configuration specifies 3 keys, the CA, stunnel.pem, and is
attempting to verify the SSL client (browser?  something else)
against the CA via the 'verify=' line.

What is the SSL client?  Did you generate a key for it?  Because
your config is requiring the SSL client authenticate itself, and
Stunnel is dropping the connection because that phase isn't working
correctly.



-- 
Brian Hatch                  "So, what's the problem?"
   Systems and               "I don't know.
   Security Engineer          *That's* the problem."
http://www.ifokr.org/bri/

Every message PGP signed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080110/477a1cd1/attachment.sig>


More information about the stunnel-users mailing list