[stunnel-users] CApath hash calculation broken (ver 4.34)?

Michal Trojnara Michal.Trojnara at mirt.net
Wed Nov 17 17:54:16 CET 2010


OpenSSL has changed c_rehash functionality in version 1.0.0. File names generated with OpenSSL 0.x.x are not compatible with OpenSSL 1.x.x.


"Konstantin Suvorov" <i.am at berlic.net> wrote:

>I’m trying to setup client-server SSL connection with “level 3”
>on server side.
>I use 4.34 precompiled binary package for win32.
>I put client certificates into CApath folder with hashed filenames (I
>openssl x509 -hash to get them).
>And nothing works: I get “bad certificate”.
>After sniffing for filenames stunnel server is looking for I found out
>they are not matching the hash values I got with openssl tool.
>I downloaded openssl binaries (ver. 0.9.8o) and put them into the
>This fixed the bug with wrong filename request inside stunnel, but it
>started to crash after connection is initiated.
>I tried to install stunnel (fresh download of 4.34) on another computer
>>the same problem: requested hash-filename is not equal to actual one.
>Does anybody know how to fix this?
>stunnel-users mailing list
>stunnel-users at mirt.net

Wysłane z Androida za pomocą K-9 Mail. Prosze wybaczyć lakoniczność.

More information about the stunnel-users mailing list