On Tue, Aug 06, 2024 at 10:01:06AM -0400, Jason Mitchell wrote: > > Unfortunately, what doesn’t work for me is: > > NetBSD-10.0/stunnel 5.71 (or 5.72) > > It looks like stunnel is trying verify its certificate and something in the > response causes it to crash. Here’s a snippet of the output right before the > segfault: > 2024.08.04 13:47:35 LOG7[0]: SNI: no virtual services defined > 2024.08.04 13:47:35 LOG7[0]: OCSP stapling: Server callback called > 2024.08.04 13:47:35 LOG6[0]: OCSP: The root CA certificate was not found > 2024.08.04 13:47:35 LOG5[0]: OCSP: Connecting the AIA responder > "http://e5.o.lencr.org"; > Segmentation fault (core dumped) >
No suggestions but I can confirm that stunnel 5.71 on an oldish post 10 -current works for me using certificates. Maybe the cert is broken in some way? What does: openssl x509 -in cert_file_here -text say? -- Brett Lymn -- Sent from my NetBSD device. "We are were wolves", "You mean werewolves?", "No we were wolves, now we are something else entirely", "Oh"
