[apria-admin@WEB05 stunnel-5.40]$ sudo make cert make -C tools cert make[1]: Entering directory `/home/apria-admin/stunnel-5.40/tools' ./makecert.sh . /usr/local /dev/urandom 1+0 records in 1+0 records out 256 bytes (256 B) copied, 0.000133415 s, 1.9 MB/s Generating a 2048 bit RSA private key ....................+++ ..............................+++ writing new private key to 'stunnel.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [PL]:US State or Province Name (full name) [Mazovia Province]:California Locality Name (eg, city) [Warsaw]:Lake Forest Organization Name (eg, company) [Stunnel Developers]:HME Number One, LLC Organizational Unit Name (eg, section) [Provisional CA]:DMEhub.com Common Name (FQDN of your server) [localhost]:uat.dmehub.com
Certificate details: subject=C = US, ST = California, L = Lake Forest, O = "HME Number One, LLC", OU = DMEhub.com, CN = uat.dmehub.com notBefore=Mar 1 20:12:37 2017 GMT notAfter=Mar 1 20:12:37 2021 GMT SHA1 Fingerprint=EF:41:FD:A2:C4:62:BA:D3:A1:6D:53:EE:21:E3:6B:1E:6C:28:51:CF /bin/install -c -b -m 600 stunnel.pem /usr/local/etc/stunnel/stunnel.pem rm -f stunnel.pem make[1]: Leaving directory `/home/apria-admin/stunnel-5.40/tools' Geoffrey Hoffman | Software Engineer, DMEhub.com 2700 W. Frye Rd., 3rd Floor | Chandler AZ 85224 P 1-800-852-3535 x75510 | C 480-231-8323 www.apria.com Improving the quality of life for our patients at home. > -----Original Message----- > From: Małgorzata Olszówka [mailto:[email protected]] > Sent: Wednesday, March 1, 2017 1:10 PM > To: HOFFMAN, GEOFFREY <[email protected]>; GUTIERREZ, > STEVE <[email protected]>; Hodel, Kenneth C > <[email protected]> > Cc: [email protected] > Subject: Re: Request to Meet > > Yes, please install the sample certificate. > "Make cert" will tell you the path. > Probably there: > /usr/local/etc/stunnel/stunnel.pem > > Małgorzata Olszówka > Junior Engineer > > Mobi-Com Polska Sp. z o.o. > www.stunnel.org > > W dniu 01.03.2017 o 21:01, HOFFMAN, GEOFFREY pisze: > > It looks like the stunnel build succeeded: > > > > > > <excerpt> > > make[3]: Entering directory `/home/apria-admin/stunnel-5.40' > > ********************************************************* > > * Type 'make cert' to also install a sample certificate * > > ********************************************************* > > make[3]: Leaving directory `/home/apria-admin/stunnel-5.40' > > make[2]: Leaving directory `/home/apria-admin/stunnel-5.40' > > make[1]: Leaving directory `/home/apria-admin/stunnel-5.40' > > </excerpt> > > > > Should I install a sample certificate? Where would it get installed to? > > > > > > Geoffrey Hoffman | Software Engineer, DMEhub.com > > 2700 W. Frye Rd., 3rd Floor | Chandler AZ 85224 > > P 1-800-852-3535 x75510 | C 480-231-8323 www.apria.com > > Improving the quality of life for our patients at home. > > > > > >> -----Original Message----- > >> From: HOFFMAN, GEOFFREY > >> Sent: Wednesday, March 1, 2017 12:28 PM > >> To: [email protected]; GUTIERREZ, STEVE > >> <[email protected]>; Hodel, Kenneth C > >> <[email protected]> > >> Subject: RE: Request to Meet > >> > >> After I run: > >>> ./config > >>> make > >>> sudo make install > >> I get this > >> > >> [apria-admin@WEB05 openssl-1.1.0e]$ openssl version > >> openssl: error while loading shared libraries: libssl.so.1.1: cannot > >> open shared object file: No such file or directory > >> > >> > >> Geoffrey Hoffman | Software Engineer, DMEhub.com > >> 2700 W. Frye Rd., 3rd Floor | Chandler AZ 85224 > >> P 1-800-852-3535 x75510 | C 480-231-8323 www.apria.com > >> Improving the quality of life for our patients at home. > >> > >> > >>> -----Original Message----- > >>> From: Małgorzata Olszówka [mailto:[email protected]] > >>> Sent: Wednesday, March 1, 2017 12:10 PM > >>> To: HOFFMAN, GEOFFREY <[email protected]>; > >> GUTIERREZ, STEVE > >>> <[email protected]>; Hodel, Kenneth C > >>> <[email protected]> > >>> Cc: [email protected] > >>> Subject: Re: Request to Meet > >>> > >>> FIPS 140-2 is a U.S. government computer security standard. Some U.S. > >>> organizations require it for compliance. FIPS does not improve security. > >>> Actually, it may make it a bit worse by limiting the choice of > >>> modern security algorithms. If you don't know what FIPS is then you > >>> almost certainly don't need it. > >>> https://en.wikipedia.org/wiki/FIPS_140-2 > >>> > >>> First you were trying to do "sudo make clean" with OpenSSL_1_0_2k. > >>> This version should have Makefile file. > >>> > >>> Then you downloaded the newest version OpenSSL-1.1.0e. > >>> This one does not need "make clean". > >>> Also "shared" builds in this version are the default. > >>> > >>> So yes, you need to: > >>> 1) download the latest OpenSSL (done) > >>> 2) compile it from source: > >>> ./config > >>> make > >>> sudo make install > >>> > >>> 3) download and compile from source the latest stunnel (linking to > >>> shared) > >>> 4) update your SSL certs per my diagram. > >>> > >>> Małgorzata Olszówka > >>> Junior Engineer > >>> > >>> Mobi-Com Polska Sp. z o.o. > >>> www.stunnel.org > >>> > >>> W dniu 01.03.2017 o 19:34, HOFFMAN, GEOFFREY pisze: > >>>> In general, we need to: > >>>> > >>>> 1) download and compile from source the latest OpenSSL with shared > >>>> 2) download and compile from source the latest stunnel (linking to > >>>> shared) > >>>> 3) update our SSL certs per your diagram > >>>> > >>>> Is that correct? > >>>> > >>>> What is -fips and do we need it? > >>>> > >>>> Ref: https://www.openssl.org/source/ KBytes Date File > >>>> 5080 2017-Feb-16 12:03:39 openssl-1.1.0e.tar.gz (SHA256) (PGP sign) > >>>> (SHA1) > >>>> 5184 2017-Jan-26 13:45:54 openssl-1.0.2k.tar.gz (SHA256) (PGP sign) > >>>> (SHA1) > >>>> 1440 2017-Jan-04 16:03:29 openssl-fips-2.0.14.tar.gz (SHA256) (PGP > >>>> sign) (SHA1) > >>>> 1419 2017-Jan-04 16:03:29 openssl-fips-ecp-2.0.14.tar.gz (SHA256) > >>>> (PGP > >>>> sign) (SHA1) > >>>> > >>>> > >>>> > >>>> Geoffrey Hoffman | Software Engineer, DMEhub.com > >>>> 2700 W. Frye Rd., 3rd Floor | Chandler AZ 85224 > >>>> P 1-800-852-3535 x75510 | C 480-231-8323 www.apria.com > >>>> Improving the quality of life for our patients at home. > >>>> > >>>> > >>>>> -----Original Message----- > >>>>> From: Małgorzata Olszówka > [mailto:[email protected]] > >>>>> Sent: Wednesday, March 1, 2017 11:08 AM > >>>>> To: HOFFMAN, GEOFFREY <[email protected]>; > >>> GUTIERREZ, STEVE > >>>>> <[email protected]>; Hodel, Kenneth C > >>>>> <[email protected]> > >>>>> Cc: [email protected] > >>>>> Subject: Re: Request to Meet > >>>>> > >>>>> Please run "sudo make clean" command in the folder where you have > >>>>> openssl-1.0.2k source code (where the Makefile file is). You > >>>>> probably run "sudo make clean" within different folder (where > >>>>> openssl was > >>> installed). > >>>>> > >>>>> If this is successful run: > >>>>> ./config enable-shared > >>>>> > >>>>> Then to remove the OpenSSL remains: > >>>>> sudo rm -rf /usr/local/ssl > >>>>> > >>>>> After that: > >>>>> make > >>>>> sudo make install > >>>>> > >>>>> > >>>>> Małgorzata Olszówka > >>>>> Junior Engineer > >>>>> > >>>>> Mobi-Com Polska Sp. z o.o. > >>>>> www.stunnel.org > >>>>> > >>>>> W dniu 01.03.2017 o 17:31, HOFFMAN, GEOFFREY pisze: > >>>>>> [apria-admin@WEB05 openssl-OpenSSL_1_0_2k]$ sudo make clean > >>>>>> make: *** No rule to make target `clean'. Stop. > >>>>>> > >>>>>> > >>>>>> > >>>>>> Geoffrey Hoffman | Software Engineer, DMEhub.com > >>>>>> 2700 W. Frye Rd., 3rd Floor | Chandler AZ 85224 > >>>>>> P 1-800-852-3535 x75510 | C 480-231-8323 www.apria.com > >>>>>> Improving the quality of life for our patients at home. > >>>>>> > >>>>>> > >>>>>>> -----Original Message----- > >>>>>>> From: Małgorzata Olszówka > >>> [mailto:[email protected]] > >>>>>>> Sent: Wednesday, March 1, 2017 9:08 AM > >>>>>>> To: HOFFMAN, GEOFFREY <[email protected]>; > >>>>> GUTIERREZ, STEVE > >>>>>>> <[email protected]>; Hodel, Kenneth C > >>>>>>> <[email protected]> > >>>>>>> Cc: [email protected] > >>>>>>> Subject: Re: Request to Meet > >>>>>>> > >>>>>>> Hello, > >>>>>>> What about your compiling the latest version of stunnel? > >>>>>>> > >>>>>>> I’m now available via email or Skype if you need my help today. > >>>>>>> My Skype account is Małgorzata Olszówka (olszomal). > >>>>>>> > >>>>>>> Regards, > >>>>>>> -- > >>>>>>> Małgorzata Olszówka > >>>>>>> Junior Engineer > >>>>>>> > >>>>>>> Mobi-Com Polska Sp. z o.o. > >>>>>>> www.stunnel.org > >>>>>>> > >>>>>>> > >>>>>>> W dniu 28.02.2017 o 19:37, HOFFMAN, GEOFFREY pisze: > >>>>>>>> Looks familar, yes, ok we'll try: > >>>>>>>> > >>>>>>>> make clean > >>>>>>>> ./config enable-shared > >>>>>>>> > >>>>>>> > > >>>>>>> > Geoffrey Hoffman | Software Engineer, DMEhub.com > 2700 W. > >>> Frye > >>>>>>> Rd., 3rd Floor | Chandler AZ 85224 > >>>>>>> > P 1-800-852-3535 x75510 | C 480-231-8323 www.apria.com > >>>>>>> > Improving the quality of life for our patients at home. > >>>>>>> > > >>>>>> This e-mail, including any attachments, is meant only for the > >>>>>> intended > >>>>> recipient of the transmission, and may be a confidential > >>>>> communication or a communication privileged by law. If you > >>>>> received this e-mail in error, any review, use, dissemination, > >>>>> distribution, or copying of this e-mail is strictly prohibited. > >>>>> Please notify us immediately of the error by return e-mail and > >>>>> please delete this message from your system. Thank you in advance > for your cooperation. > >>>>>> > >>>> This e-mail, including any attachments, is meant only for the > >>>> intended > >>> recipient of the transmission, and may be a confidential > >>> communication or a communication privileged by law. If you received > >>> this e-mail in error, any review, use, dissemination, distribution, > >>> or copying of this e-mail is strictly prohibited. Please notify us > >>> immediately of the error by return e-mail and please delete this > >>> message from your system. Thank you in advance for your cooperation. > >>>> > > This e-mail, including any attachments, is meant only for the intended > recipient of the transmission, and may be a confidential communication or a > communication privileged by law. If you received this e-mail in error, any > review, use, dissemination, distribution, or copying of this e-mail is > strictly > prohibited. Please notify us immediately of the error by return e-mail and > please delete this message from your system. Thank you in advance for your > cooperation. > > This e-mail, including any attachments, is meant only for the intended recipient of the transmission, and may be a confidential communication or a communication privileged by law. If you received this e-mail in error, any review, use, dissemination, distribution, or copying of this e-mail is strictly prohibited. Please notify us immediately of the error by return e-mail and please delete this message from your system. Thank you in advance for your cooperation. _______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
