[stunnel-users] stunnel with smb from 2 networks behind firewalls

Rodrigo Gallardo rodrigo at debian.org
Mon Mar 19 18:39:32 CET 2012

On Mon, 2012-03-19 at 15:30 +0100, Philippe wrote:
> On Mon, 19 Mar 2012 15:24:00 +0100, Michal Trojnara wrote:
> > Are you sure your OpenSSL is on this machine is compiled with FIPS 
> > support?
> >
> no, i'm not sure it is the ubuntu oneiric 11.10 version I get with 
> apt-get

If you're using the packaged version, then you don't have FIPS support.
It's disabled because it requires static linking.

> root at server:/etc# openssl version
> OpenSSL 1.0.0e 6 Sep 2011
> root at server:/etc# stunnel -version
> Reading configuration from descriptor 3
> Line 1: "verify = ersion": Bad verify level

You're calling the stunnel 3 wrapper script. Call stunnel4

Back when 4.x was new, in Debian we renamed the binary to stunnel4,
because we wanted to give a clear migration path for scripts. It may be
that the time to rename that wrapper to stunnel3 and reclaim the
unversioned name for the binary has come ;-)

More information about the stunnel-users mailing list