[stunnel-users] stunnel with TLSv1.2 ciphers

Jérémy WILLIAME jeremy.williame at ovh.net
Fri Dec 5 15:31:25 CET 2014


Hi,

I want to use stunnel with TLSv1.2 ciphers but it doesn't work.
I use stunnel 5.07 compiled from source with prefix /opt/stunnel and 
lastest openssl (1.0.1j)

This is my main configuration file:

chroot = /opt/stunnel/var/lib/stunnel/
pid = /stunnel4.pid
**cert = /opt/stunnel/etc/blabla/bla.pem
key  = /opt/stunnel/etc/blabla/bla.key
ciphers = ECDHE-ECDSA-AES256-GCM-SHA384
options = NO_SSLv2
[imaps]
accept  = 993
connect = 143

I had to use one of this ciphers:
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES256-SHA384
DHE-RSA-AES256-GCM-SHA384

When i tried to use imaps connection over stunnel :
root at bla: imtest -a homer -w homer -p 993 -s localhost
SSL_connect error 0
SSL session removed
failure: TLS negotiation failed

if i use a SSLv3 cipher it works.
root at bla: imtest -a homer -w homer -p 993 -s localhost
verify error:num=18:self signed certificate
TLS connection established: TLSv1 with cipher DHE-RSA-AES128-SHA 
(128/128 bits)


Someone have any idea ?
Thanks.
Jeremy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20141205/fea6817e/attachment.html>


More information about the stunnel-users mailing list