[stunnel-users] tls linger

• Previous message (by thread): [stunnel-users] Fwd: stunnel-users Digest, Vol 168, Issue 2
• Next message (by thread): [stunnel-users] stunnel on Windows - using CAPI - tls v1.2?==?utf-8?q? ?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

We are using stunnel to allow us to punchout to suppliers using TLS 1.2 protocol. We are seeing the following with this particular supplier.

2018.07.02 08:49:05 LOG6[4]: TLS connected: previous session reused
2018.07.02 08:49:05 LOG6[4]: TLSv1.2 ciphersuite: ECDHE-RSA-AES256-SHA384 (256-bit encryption)
2018.07.02 08:49:05 LOG7[4]: Compression: null, expansion: null
2018.07.02 08:49:15 LOG3[4]: SSL_read: Connection reset by peer (131)
2018.07.02 08:49:15 LOG5[4]: Connection reset: 1720 byte(s) sent to TLS, 0 byte(s) sent to socket
2018.07.02 08:49:15 LOG7[4]: linger (remote): Invalid argument (22)
2018.07.02 08:49:15 LOG7[4]: Remote descriptor (FD=13) closed
2018.07.02 08:49:15 LOG7[4]: Local descriptor (FD=3) closed
2018.07.02 08:49:15 LOG7[4]: Service [dell-https] finished (0 left)

We have set socket = l:SO_LINGER=1:60, but still occasionally have an issue.
Is there anything else that we may need to set?

Since the below is default, would not expect to set it..
socket = a:SO_REUSEADDR=no
        disable address reuse (enabled by default)



Best regards,

Dan



This message and any attachment are confidential and may be privileged or otherwise protected from disclosure. If you are not the intended recipient, you must not copy this message or attachment or disclose the contents to any other person. If you have received this transmission in error, please notify the sender immediately and delete the message and any attachment from your system. Merck KGaA, Darmstadt, Germany and any of its subsidiaries do not accept liability for any omissions or errors in this message which may arise as a result of E-Mail-transmission or for damages resulting from any unauthorized changes of the content of this message and any attachment thereto. Merck KGaA, Darmstadt, Germany and any of its subsidiaries do not guarantee that this message is free of viruses and does not accept liability for any damages caused by any virus transmitted therewith.



Click http://www.emdgroup.com/emd/imprint/mail_disclaimer.html to access the German, French, Spanish and Portuguese versions of this disclaimer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20180703/42b92568/attachment.html>

• Previous message (by thread): [stunnel-users] Fwd: stunnel-users Digest, Vol 168, Issue 2
• Next message (by thread): [stunnel-users] stunnel on Windows - using CAPI - tls v1.2?==?utf-8?q? ?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]