No luck. The downloaded stunnel 5.56 behaves exactly as 5.48 - it logs "CAPI_GET_KEY:cryptacquirecontext error" or "CAPI_CTX_SET_PROVNAME:cryptacquirecontext error" (depending on selected csp_name and csp_type) *.* Did anyone succeed in getting stunnel+capi work for TLS 1.2 ? Maybe some OpenSSL configuration commands could help... But I cannot imagine what. And I did see "You also need to disable TLS 1.2 or later because the CryptoAPI engine currently does not support PSS" phrase in sample stunnel.conf - isn't it an obsolete restriction?
Thanks in advance, Michael On Wed, Jun 3, 2020 at 12:13 AM Jose Alf. <[email protected]> wrote: > Hi Michael, > > See below: > > On Tuesday, June 2, 2020, 10:42:30 AM GMT-5, Michael S. Chusovitin < > [email protected]> wrote: > > > > Stunnel version is 5.48 with OpenSSL 1.0.2o-fips. (in this very case I > need to use 32bit version, so no possibility to upgrade). > > Actually, you can upgrade your Windows 32-bit stunnel. Either, you compile > your own, or you can get the latest from here: > > > https://github.com/josealf/stunnel-win32/blob/master/stunnel-testing-win32-5.56-ossl-1.1.1g-installer.exe > > Regards, > Jose >
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
