[stunnel-users] SSL Error

Tue Jun 14 15:42:14 CEST 2016

Hello. I am getting the following error when I try to run stunnel:

[root at doadmzqas stunnel]# stunnel
[ ] Clients allowed=31999
[.] stunnel 5.17 on powerpc-ibm-aix5.2.0.0 platform
[.] Compiled/running with OpenSSL 1.0.1s  1 Mar 2016
[.] Threading:PTHREAD Sockets:POLL,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
[ ] errno: (*_Errno())
[.] Reading configuration from file /opt/freeware/etc/stunnel/stunnel.conf
[.] UTF-8 byte order mark not detected
[.] FIPS mode disabled
[ ] Compression disabled
[ ] Snagged 64 random bytes from /home/root/.rnd
[ ] Wrote 1024 new random bytes to /home/root/.rnd
[ ] PRNG seeded successfully
[ ] Initializing service [sapdp3202]
[ ] Loading certificate from file: /opt/freeware/etc/stunnel/stunnel.pem
[!] error queue: 140DC002: error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib
[!] error queue: 20074002: error:20074002:BIO routines:FILE_CTRL:system lib
[!] SSL_CTX_use_certificate_chain_file: 2001002: error:02001002:system library:fopen:No such file or directory
[!] Service [sapdp3202]: Failed to initialize SSL context

The version is 5.17 as you can see above. My config file looks like this:

; Log file (enable for troubleshooting)
output = /var/log/stunnel.log

; SSL Certificate and key files
cert = /opt/freeware/etc/stunnel/stunnel.pem
key = /opt/freeware/etc/stunnel/stunnel.key

; Restrict to FIPS compliant ciphers only ciphers = FIPS

; Force the SSL version to TLSv1 only
sslVersion = TLSv1

; The cipher list and SSL version restrictions above should make us ; _de_facto_ FIPS compliant; our OpenSSL library is *not* FIPS ; compliant, so
this cannot be set to 'yes'
fips = no

[sapdp3202]
client = yes
accept = 127.0.0.1:3202
connect = doaprdssl.dot.com.gov:4709

The OS is AIX version 7. Does anybody have any idea what this means?

Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20160614/4c06ce22/attachment.html>