[stunnel-users] Configuring Stunnel to work between client and server - possible certificate issue

Ludolf Holzheid lholzheid at bihl-wiedemann.de
Tue May 17 10:01:01 CEST 2016

On Mon, 2016-05-16 16:25:04 +0000, David Faizulaev wrote:
> Hello,
> I've found Stunnel as a potential answer to securely moving traffic between two machines.
> But I'm having some difficulties configuring the software.
> I've installed it on to the client machine and configured the client to connect to while the Server to which the client needs to connect is
> In the stunnel.conf I've set the following:
> [custom]
> accept =
> connect =
> cert = 220.72.cer
> TIMEOUTclose = 0
> Upon initializing Stunnel I get the following error:
> 2016.05.16 19:14:04 LOG3[main]: error queue: 140B0009: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
> 2016.05.16 19:14:04 LOG3[main]: SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line


Stunnel doesn't like your key file.

Maybe it's not in PEM format, or it does not contain a private key.

Try to open it with a text editor.  There should be lines reading
"-----BEGIN RSA PRIVATE KEY-----" and "-----END RSA PRIVATE KEY-----"
with some base64 coded stuff in between.

(There also should be a certificate enclosed in
"-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----", but for
now, stunnel is missing the private key.)




Ludolf Holzheid
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:lholzheid at bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796

More information about the stunnel-users mailing list