[stunnel-users] stunnel claims it needs certificate

JOSE jtc at totaltravelmarketing.com
Wed Sep 14 22:47:16 CEST 2011


On 14/09/2011 4:24 PM, David van Zijl wrote:
> Hi Jose
>
> It looks like you haven't told stunnel where to find the certificate
> you generated. Try adding the following either in the global section
> or inside the service definition:
>
> cert=/your/path/to/pem
> key=/your/path/to/key
>
> Cheers
> Dave
>
> On Thu, Sep 15, 2011 at 7:50 AM, JOSE<jtc at totaltravelmarketing.com>  wrote:
>>
>> Hi
>>
>> I am trying to get stunnel stunnel 4.36 on ia64-hp-hpux11.23 with OpenSSL
>> 0.9.8o 01 Jun 2010 working on this server and so far I have generated a new
>> pem file as per the instructions, but when it is time to make it run, it
>> keeps looking for a certificate for one of the services:
>>
>> bash-3.2# /opt/iexpress/stunnel/bin/stunnel
>> /opt/iexpress/stunnel/etc/stunnel/stunnel.conf
>> Reading configuration from file
>> /opt/iexpress/stunnel/etc/stunnel/stunnel.conf
>> Snagged 64 random bytes from /opt/iexpress/stunnel/etc/stunnel/stunnel.rnd
>> Wrote 1024 new random bytes to /opt/iexpress/stunnel/etc/stunnel/stunnel.rnd
>> PRNG seeded successfully
>> Line 37: End of section revnet_preprod_sunquest: SSL server needs a
>> certificate
>>
>>
>>
>> my conf file is as follows:
>> bash-3.2# more /opt/iexpress/stunnel/etc/stunnel/stunnel.conf
>> # Sample stunnel configuration file
>>
>> #RNDfile=/opt/hpws/apache/stunnel/.stunnel.rnd
>> RNDfile=/opt/iexpress/stunnel/etc/stunnel/stunnel.rnd
>> # Chroot
>> #chroot = /var/chroot/stunnel/
>>
>> # PID is created inside chroot jail
>> #pid = /opt/hpws/apache/logs/stunnel.pid
>> pid = /opt/iexpress/stunnel/etc/stunnel/stunnel.pid
>> # Workaround for Eudora bug
>> #options = DONT_INSERT_EMPTY_FRAGMENTS
>>
>> # Client Authentication
>> #verify = 2
>> # don't forget about c_rehash CApath
>> # it is located inside chroot jail:
>> #CApath = /certs
>> # or simply use CAfile instead:
>> #CAfile = /opt/hpws/apache/conf/certs.pem
>>
>> # Some debugging stuff
>> debug = 7
>> output = /opt/hpws/apache/logs/stunnel.log
>>
>> # Use in client mode
>> client = no
>>
>> # Run in the background
>> foreground = no
>>
>> # Service-level configuration
>> [revnet_preprod_sunquest]
>> accept  = 10.99.10.37:8011
>> connect = 127.0.0.1:18011
>> #connect = 18011
>>
>> [revnet_preprod_funsun]
>> accept  = 10.99.10.37:8017
>> connect = 127.0.0.1:18017
>> #connect = 18017
>>
>> any help or tips would be welcome
>>
>> Thanks
>>
>> Jose
Hi David,

You are correct, I just got it running. I have an older version running
in parallel on the same machine, and that one does not mind not having
that option in the config file.

Thanks a lot for your help

Jose
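
An added example (not part of the original thread, and not stunnel's own code): a small Python check that parses a stunnel.conf and lists the server-mode services that have no cert option in their own section or in the global section, the condition behind the "SSL server needs a certificate" error above. The sample configuration is constructed, and the function names are hypothetical; it assumes options set in the global section act as defaults for every service, as the reply suggests.

```python
# Added example: find stunnel services that would fail with
# "SSL server needs a certificate". SAMPLE_CONF is constructed,
# modelled on the configuration quoted in this thread.
SAMPLE_CONF = """\
pid = /opt/iexpress/stunnel/etc/stunnel/stunnel.pid
client = no

[revnet_preprod_sunquest]
accept  = 10.99.10.37:8011
connect = 127.0.0.1:18011

[revnet_preprod_funsun]
accept  = 10.99.10.37:8017
connect = 127.0.0.1:18017
cert = /your/path/to/pem
"""

def parse_stunnel_conf(text):
    """Return (global_options, {service_name: options}) for stunnel.conf text."""
    global_opts, services = {}, {}
    current = global_opts          # options before the first [section] are global
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = services.setdefault(line[1:-1].strip(), {})
            continue
        key, sep, value = line.partition("=")
        if sep:
            current[key.strip().lower()] = value.strip()
    return global_opts, services

def services_missing_cert(text):
    """Names of server-mode services with no cert set locally or globally."""
    global_opts, services = parse_stunnel_conf(text)
    missing = []
    for name, opts in services.items():
        effective = {**global_opts, **opts}   # service section overrides global
        is_client = effective.get("client", "no").lower() == "yes"
        if not is_client and not effective.get("cert"):
            missing.append(name)
    return missing

if __name__ == "__main__":
    for name in services_missing_cert(SAMPLE_CONF):
        print(f"[{name}] is in server mode but has no cert= option")
```
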


