[stunnel-users] (no subject)

Guylhem stunnel at guylhem.net
Wed Apr 18 21:02:13 CEST 2012


With verify=3 and the certs loaded in the conf file with
CAfile=startssl-chain.pem cert=mycert.pem, I get :
 CERT: Certificate not found in local repository

Using the latest stunnel recompiled on a debian squeeze, the best I can get is:
error queue: 140B0009: error:140B0009:SSL
routines:SSL_CTX_use_PrivateKey_file:PEM lib
SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM
routines:PEM_read_bio:no start line

However, if I put these very same pem files in a directory as a CApath
option instead (c_rehash applied) everything works fine. But The pem
files are identical !

I've read http://stunnel.mirt.net/pipermail/stunnel-users/2010-November/002854.html
but it seems a bit different

The startssl-chain.pem was created with:
 wget http://www.startssl.com/certs/ca.pem
 wget http://www.startssl.com/certs/startssl.ca.pem
 cat sub.class1.server.ca.pem  ca.pem  > startssl-chain.pem

I guess that may be the cause of the problem?

What should I do to pass these pem files as stunnel.conf options
instead of using the CApath?


More information about the stunnel-users mailing list