[stunnel-users] RHEL6 Update stunnel-4.29-3.el6_6.1 breaks functionality?
H.U.Flück
huf at inomatix.com
Thu Dec 18 15:27:48 CET 2014
Hello
I realized that the latest RHEL6 updates including stunnel-4.29-3.el6_6.1
break our Stunnel connections!
We are forced to go back to previous version stunnel-4.29-3.el6_4 in order
to have the systems running again, and blocking Stunnel updates in
/etc/yum.conf for the moment.
Our typical client config and server configs are as follows:
Client (5.08):
**********
client = yes
compression = zlib
sslversion = TLSv1
delay = yes
debug = 7
taskbar = yes
cert = my.pem
[abas_ssh]
accept = 127.0.30.10:5303
connect = firewall.client.dom:5303
Server, xinetd.d:
*************
service stunnel_ssh
{
disable = no
socket_type = stream
instances = UNLIMITED
per_source = UNLIMITED
wait = no
user = root
server = /usr/bin/stunnel
server_args = /etc/stunnel/stunnel_ssh.conf
log_on_success += HOST DURATION
log_on_failure += HOST
}
Server, stunnel_ssh.conf
****************
cert = /support/stunnel/cert/server.pem
CApath = / support /stunnel/hash/
verify = 3
debug = 7
connect = 192.168.1.100:22
The error thrown is something like:
Dec 17 17:30:23 srvabas stunnel: LOG3[3385:140171595282368]: SSL_accept:
140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown
protocol
What are we missing? Do we need to change the configuration?
Any help is highly appreciated.
Kind regards
H.U.Flueck
More information about the stunnel-users
mailing list