[stunnel-users] No SSL handshake between stunnel in client mode and SSL server

Denis Berezhnoy denis.berezhnoy at gmail.com
Wed Jan 25 15:55:25 CET 2012


Hi Jose,

Thank you for your reply. I double checked and actually there is an SSL
handshake. Sorry, it was my mistake; I did not analyze the WireShark capture
carefully.

But the handshake failed, and here is the stunnel log:

2012.01.25 09:39:58 LOG5[1944:6264]: stunnel 4.52 on x86-pc-mingw32-gnu platform
2012.01.25 09:39:58 LOG5[1944:6264]: Compiled/running with OpenSSL 0.9.8s-fips 4 Jan 2012
2012.01.25 09:39:58 LOG5[1944:6264]: Threading:WIN32 SSL:ENGINE,FIPS Auth:none Sockets:SELECT,IPv6
2012.01.25 09:39:58 LOG5[1944:6264]: Reading configuration from file stunnel.conf
2012.01.25 09:39:58 LOG5[1944:6264]: FIPS mode is enabled
2012.01.25 09:39:58 LOG5[1944:6264]: Configuration successful
2012.01.25 09:40:13 LOG5[1944:4724]: Service Router accepted connection from 192.168.1.161:59519
2012.01.25 09:40:13 LOG5[1944:4724]: connect_blocking: connected 192.168.160.168:55443
2012.01.25 09:40:13 LOG5[1944:4724]: Service Router connected remote server from 192.168.1.121:52250
2012.01.25 09:40:13 LOG3[1944:4724]: SSL_connect: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2012.01.25 09:40:13 LOG5[1944:4724]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket

The server is set up for SSL3.0.

Best regards,
Denis

2012/1/24 Jose Alf. <josealf at rocketmail.com>

> Denis,
>
> Looks like your configuration is incomplete. Check the sample
> stunnel.conf file in the stunnel distribution. Read the man page. Post your
> log file.
>
> Try adding lines like these before [Router]
>
> sslVersion = SSLv3
>
> cert=stunnel.pem
> key=stunnel.pem
>
> # Authentication stuff, try 0 for test
> verify = 0
>
> CApath = /your/CAcerts/path
>
> debug = 7
> output = stunnel.log
>
>
>
>   ------------------------------
> *From:* Denis Berezhnoy <denis.berezhnoy at gmail.com>
> *To:* stunnel-users at stunnel.org
> *Sent:* Tuesday, January 24, 2012 6:10 PM
> *Subject:* [stunnel-users] No SSL handshake between stunnel in client
> mode and SSL server
>
> Hi guys,
> I have a quick question. I am trying to use stunnel in client mode to
> encrypt traffic going to my server.
> Basically, I have a server which listens for SSL connections. And I have a
> client which cannot do SSL but it needs to communicate with the server over
> SSL.
> I set up stunnel in client mode to accept unencrypted traffic from the client
> and redirect it to the server over SSL. I checked TCP traffic with WireShark
> between stunnel and my server and I can see that there is no SSL
> handshake; stunnel makes a TCP connection with the server and sends some TCP
> packets, but I expect to see an SSL handshake.
> My stunnel conf file is here:
> [Router]
> client=yes
> accept = 192.168.1.121:55555
> connect = 192.168.160.168:55443
> Can you please comment on this?
> Best regards,
> Denis
>
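
The "wrong version number" error in the log above is raised on the version
field of a record received from the server. As an added example (not part of
the original thread, and not stunnel or OpenSSL code), the sketch below
classifies the first bytes a server sends back, such as bytes copied out of a
packet capture, against the SSLv3 record header the client expects. The
function names are hypothetical and the sample byte strings are constructed.

```python
import struct

# Record-layer constants from the SSLv3/TLS specifications.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLSv1.0", (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}
ALERTS = {40: "handshake_failure", 70: "protocol_version"}  # subset, for readable output
MAX_RECORD_LEN = 2**14 + 2048  # largest ciphertext fragment a record may carry

def version_name(version):
    return VERSIONS.get(version, "unknown %d.%d" % version)

def parse_record_header(data):
    """Return (content_type, (major, minor), length), or None if data is not a record."""
    if len(data) < 5:
        return None
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if ctype not in CONTENT_TYPES or major != 3 or length > MAX_RECORD_LEN:
        return None
    return ctype, (major, minor), length

def diagnose(first_bytes, expected=(3, 0)):
    """Classify the first bytes the server sent back; returns (verdict, detail)."""
    hdr = parse_record_header(first_bytes)
    if hdr is None:
        return "not_ssl", "reply is not an SSL/TLS record (plaintext service or wrong port?)"
    ctype, version, _ = hdr
    name = version_name(version)
    if version != expected:
        return "version_mismatch", "server record is %s, client expects %s" % (name, version_name(expected))
    if ctype == 21 and len(first_bytes) >= 7:
        # An alert sent before encryption starts carries level and description in clear.
        level = "fatal" if first_bytes[5] == 2 else "warning"
        desc = ALERTS.get(first_bytes[6], "alert %d" % first_bytes[6])
        return "alert", "%s %s %s alert from server" % (name, level, desc)
    return "ok", "%s %s record" % (name, CONTENT_TYPES[ctype])

# Constructed sample inputs (not taken from the poster's capture).
SAMPLES = {
    "sslv3_server_hello": bytes.fromhex("160300004a02000046"),
    "tls10_server_hello": bytes.fromhex("160301004a02000046"),
    "sslv3_fatal_alert": bytes.fromhex("15030000020228"),
    "plaintext_banner": b"220 service ready\r\n",
}

if __name__ == "__main__":
    for label, data in SAMPLES.items():
        print(label, "->", diagnose(data))
```

A "not_ssl" verdict points at the remote port or service rather than at the
sslVersion setting; a "version_mismatch" verdict points at the protocol
version configured on one of the two ends.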