I'm new to stunnel and think it may be easier to use this in our environment.  
Any help would be appreciated!  Here is my setup.

Source and Destination OS: Windows 2022 Data Center VMs
I copied the stunnel.pem from SERVER to CLIENT and named it stunnel_client.pem.
I get the following error when connecting from CLIENT -> SERVER.

2022.07.23 17:30:28 LOG6[3]: SNI: sending servername: x.x.x.x
2022.07.23 17:30:28 LOG6[3]: Peer certificate required
2022.07.23 17:30:28 LOG4[3]: CERT: Subject checks failed
2022.07.23 17:30:28 LOG4[3]: Rejected by CERT at depth=0: C=US, ST=New Jersey, L=Edison, O=Crestron, OU=ProPortal, CN=vmsql-edatahub-.crestron.com
2022.07.23 17:30:28 LOG3[3]: SSL_connect: ssl/statem/statem_clnt.c:1887: error:0A000086:SSL routines::certificate verify failed
2022.07.23 17:30:28 LOG5[3]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket

*****STUNNEL.CONF*****
SERVER:

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
socket = l:SO_KEEPALIVE=1
socket = r:SO_KEEPALIVE=1
options = NO_SSLv2
options = NO_SSLv3
options = NO_TLSv1
sslVersion = TLSv1.2

[ncatListener]
accept  = 8443
connect = 4489
cert = stunnel.pem

CLIENT:

socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
socket = l:SO_KEEPALIVE=1
socket = r:SO_KEEPALIVE=1
options = NO_SSLv2
options = NO_SSLv3
options = NO_TLSv1
sslVersion = TLSv1.2

[ncatSender]
client = yes
accept = 127.0.0.1:4488
connect = <x.x.x.x>:8443
verifyPeer = yes
CAfile = stunnel_client.pem
checkIP = <x.x.x.x>
OCSPaia = yes