[stunnel-users] Peer suddenly disconnected

victor.harutyunyan at arca.am victor.harutyunyan at arca.am
Wed Jul 2 17:23:19 CEST 2008

Hello there,

I have installed stunnel server on FreeBSD. I configure it like this

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1

debug = 7


Client side is not a computer it's small device. I generate client 
certificates in this manor:

echo off
del test_ck.pem /q    # delete previous test.ck.pem file
echo Starting New test_ck file Generation
C:\OpenSSL\bin\openssl.exe req -new -x509 -newkey rsa:2048 -sha1 -out 
test_cert.pem -keyout test_key.pem -nodes -config sample_ck.cnf -days 
1825 -batch
C:\OpenSSL\bin\openssl.exe pkcs8 -in test_key.pem -topk8 -out 
test_pk8.pem -passout pass:"TestPassword0001" -noiter -v1 PBE-SHA1-3DES
del test_key.pem /q
copy test_cert.pem+test_pk8.pem test_ck.pem /y
del test_pk8.pem /q
Echo New test_ck.pem file has the following sections:
findstr "BEGIN END" test_ck.pem

test_cert.pem is on a stunnel server as CAfile and test_ck.pem is on my 
small device which is capable to connect via stunnel.

And I generate other self-signed CA, and generate one certificate 
request and sign it via this CA, and install that key and certificate on 


All is working fine, but after one year my server certificate has 
expired, when I regenerate new server certificate and try to connect, I 
see in server log this:

Child process 6094  finished with code 0
SSL state (accept): before accept initialization
SSL state (accept): SSLv3  read client hello A
SSL state (accept): SSLv3  write server hello A
SSL state (accept): SSLv3  write certificate A
SSL state (accept): SSLv3  write server done A
SSL state (accept): SSLv3  flush data
SSL_accept: Peer suddenly  disconnected

And my device can't connect to the server, I haven't any client side 
logs and error messages, only NOT DELIVERED in my device. :(

Can you please help me to solve this problem, I am trying many many 
times, I was very angry..

Thank you very much.
Victor Harutyunyan.

P.S. Sorry for my bad english.

More information about the stunnel-users mailing list