[stunnel-users] CApath not working anymore

Jordan Paschalidis jordan.paschalidis at xcom.de
Wed Jul 16 16:11:36 CEST 2014


i have an existing stunnel-installation with CApath.
I tried to setup a new stunnel-version, and copied all certifictes
and had allwas an error like

2014.07.16 09:50:36 LOG7[15937:0]: Starting certificate verification: 
depth=1, /C=DE/emailAddress=ssladmin at v.de
2014.07.16 09:50:36 LOG4[15937:0]: CERT: Verification error: self signed 
certificate in certificate chain
2014.07.16 09:50:36 LOG4[15937:0]: Certificate check failed: depth=1, 
/C=DE/emailAddress=ssladmin at v.de
2014.07.16 09:50:36 LOG7[15937:0]: SSL alert (write): fatal: bad 
2014.07.16 09:50:36 LOG3[15937:0]: SSL_accept: 140890B2: 
error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate 
2014.07.16 09:50:36 LOG5[15937:0]: Connection reset: 0 byte(s) sent to 
SSL, 0 byte(s) sent to socket

i had an hard time to find out that CApath is not working anymore.
I put for test all certificates into a file and used CAfile
and immediately the connection was established.

Does somebody know why CApath is not working anymore?
Tested with stunnel 5.02, 4.56, 4.55, 4.54


More information about the stunnel-users mailing list