W dniu 12.10.2020 o 14:29, Bob Bob pisze:
Hi,
I just updated to version 5.57 and the config I used for ever does not
work anymore.
I regenerated the self certs using the "Build a Self-signed stunnel.pem"
in Windows and made sure the CN was matching the hostname
of the server machine.
I understand there is an issue with the self signed certificate...
...but it was working fine under 5.56.
Server configuration
[Server_SyncThing]
cert = stunnel.pem
accept = 999
connect = 127.0.0.1:24596
ciphers = PSK
PSKsecrets = psk.txt
Client configuration
[SyncThing]
client = yes
accept = 127.0.0.1:24596
connect = 192.168.0.102:999
verifyPeer = yes
CAfile = stunnel.pem
PSKsecrets = psk.txt
Hi Bob,
The easiest way to configure authentication is with PSK (Pre-Shared
Key). It provides both client and server authentication. PSK is also the
fastest TLS authentication.
But use of the PSKsecrets option in combination with the verifyPeer
option in your configuration file doesn't work.
Ether the PSK secret or the peer certificate is used for authentication.
You just need to disable the verifyPeer option. Certificate is also not
required.
Best regards,
Małgorzata Olszówka
_______________________________________________
stunnel-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
