[stunnel-users] Stunnel Connectivity Issue
dheeraj.gautam at arborfs.com
Tue Jun 13 17:41:03 CEST 2017
below is the config which i have configured with TLSv1.2, but still
connection establishing only for while when i telnet telnet 127.0.0.1 9233.
and just after connection closed.
cert = BBG_cert.pem
key = BBG_key.pem
verifyChain = yes
CAfile = BBG_CACerts.pem
connect = 184.108.40.206:8228
accept = 127.0.0.1:9233
sslVersion = TLSv1.2
below the logs:
2017.06.13 11:57:49 LOG5[main]: Reading configuration from file stunnel.conf
2017.06.13 11:57:49 LOG5[main]: UTF-8 byte order mark detected
2017.06.13 11:57:49 LOG5[main]: FIPS mode disabled
2017.06.13 11:57:49 LOG3[main]: Service [TCP]: Each service must define two
2017.06.13 11:57:49 LOG3[main]: Failed to reload the configuration file
2017.06.13 16:37:16 LOG5[main]: Reading configuration from file stunnel.conf
2017.06.13 16:37:16 LOG5[main]: UTF-8 byte order mark detected
2017.06.13 16:37:16 LOG5[main]: FIPS mode disabled
2017.06.13 16:37:16 LOG4[main]: Service [TCP] uses "verifyChain" without
2017.06.13 16:37:16 LOG4[main]: Use "checkHost" or "checkIP" to restrict
2017.06.13 16:37:16 LOG5[main]: Configuration successful
2017.06.13 16:38:38 LOG5: Service [TCP] accepted connection from
2017.06.13 16:38:38 LOG5: s_connect: connected 220.127.116.11:8228
2017.06.13 16:38:38 LOG5: Service [TCP] connected remote server from
2017.06.13 16:38:39 LOG5: Certificate accepted at depth=0: C=US, ST=NEW
YORK, L=NEW YORK, O=Bloomberg LP, OU=FIXBETA, CN=fixbeta.bloomberg.com,
emailAddress=caadmin at bloomberg.com
2017.06.13 16:39:10 LOG5: Connection closed: 0 byte(s) sent to TLS, 0
byte(s) sent to socket
i want connection remained connected every time so that i can run the
application can be work only if the connection remain connected.
please help me to sort this out.
On 25 May 2017 at 12:29, Małgorzata Olszówka <
Malgorzata.Olszowka at stunnel.org> wrote:
> Could you please let us know what parameters we are missing here due to
>> which connection is not establishing with remote server.
>> Although, stunnel logs indicating that configuration successful, but in
>> logs no where is mentioned about the connection is it connected or not,
> Hello Dheeraj,
> You should set the verifyChain option in order to verify the certificate
> stored in the file specified with CAfile:
> verifyChain = yes
> Then you can test your connection:
> telnet 127.0.0.1 9233
> the stunnel logs will show information about the connection attempt.
> stunnel-users mailing list
> stunnel-users at stunnel.org
This e-mail and any attachment are confidential and contain proprietary
information, some or all of which may be legally privileged.
It is intended solely for the use of the individual or entity to which it
is addressed. If you are not the intended recipient, please notify the
author immediately by telephone or by replying to this e-mail, and then
delete all copies of the e-mail on your system. If you are not the
intended recipient, you must not use, disclose, distribute, copy, print or
rely on this e-mail.
Whilst we have taken reasonable precautions to ensure that this e-mail and
any attachment has been checked for viruses, we cannot guarantee that they
are virus free and we cannot accept liability for any damage sustained as a
result of software viruses. We would advise that you carry out your own
virus checks, especially before opening an attachment.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the stunnel-users