[stunnel-users] FIPS_mode_set error

Koenraad Lelong stunnel at ace-electronics.be
Tue Nov 29 11:48:40 CET 2011


I have an application which uses stunnel. Using stunnel 4.25 everything 
works fine. If I replace this with stunnel 4.49, I get an error, see the 
log :

No limit detected for the number of clients
make_sockets: s_socket#1: FD=228 allocated (blocking mode)
make_sockets: s_socket#2: FD=232 allocated (blocking mode)
make_sockets: s_accept: FD=236 allocated (non-blocking mode)
stunnel 4.49 on x86-pc-mingw32-gnu platform
Compiled/running with OpenSSL 0.9.8r-fips 8 Feb 2011
Threading:WIN32 SSL:ENGINE,FIPS Auth:none Sockets:SELECT,IPv6
Reading configuration from file stunnel.conf
FIPS_mode_set: 2D06906E: error:2D06906E:FIPS 
routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match

Server is down

My stunnel.conf :
cert = my.keycrt
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
verify = 3
CApath = certs
CAfile = cacert.pem
debug = 7
; output = c:\Program Files\stunnel\stunnel.log
client = yes
accept  = 6051
connect = server.example.com:8051

What am I doing wrong ? I'm trying this on Win7-64bit. On WinXP-32bit it 
works fine.

Thanks for any clarification,


Koenraad Lelong.

More information about the stunnel-users mailing list