[stunnel-users] CERT: Verification error: unable to get local issuer certificate
Vivek Gupta
vivek at ltecindia.com
Tue Oct 7 07:35:49 CEST 2014
Hi
I am getting error -
Below is the log:
********************************
Service [LMAX-fix-tunnel-DEMO-MktData] connected remote server from
192.168.1.5:49819
Remote socket (FD=276) initialized
SNI: sending servername: fix-md-ate.lmaxtrader.com
SSL state (connect): before/connect initialization
SSL state (connect): SSLv3 write client hello A
SSL state (connect): SSLv3 read server hello A
Verification started at depth=1: C=US, O=DigiCert Inc, CN=DigiCert Secure
Server CA
CERT: Verification error: unable to get local issuer certificate
Rejected by CERT at depth=1: C=US, O=DigiCert Inc, CN=DigiCert Secure
Server CA
SSL alert (write): fatal: unknown CA
SSL_connect: 14090086: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
Remote socket (FD=276) closed
Local socket (FD=524) closed
Service [LMAX-fix-tunnel-DEMO-MktData] finished (0 left)
***************************************************
and below is the conf file:
************
; Certificate/key is needed in server mode and optional in client mode
;cert = stunnel.pem
;key = stunnel.pem
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
verify = 3
CApath = C:\Program Files (x86)\stunnel\
CAfile = C:\Program Files (x86)\stunnel\peer-LMAX-fix-tunnel-DEMO-MktData.pem
;CRLpath = crls
;CRLfile = crls.pem
options = NO_SSLv2
************************************
Please suggest how to solve verification error.
Thanks &Regards
Vivek Gupta
9971514343
More information about the stunnel-users
mailing list