George Stoianov schreef:
I have used this:
http://www.5dollarwhitebox.org/wiki/index.php/Howtos_Self_Signed_SSL_Certificates
To create a csr and cert etc. I had to only add a flag to generate the
file for the serial number.
I am not sure what is causing this issue, but trying a different
approach may help or llead to a different error message.
HTH
George
...
Well, I tried another howto, about adding TLS support to Postfix, which
worked for my mail-server. But this didn't work either for stunnel.
Finally I combined some howto's and I got partial success.
One has to append the private key, the certificate and "Diffie-Hellman
parameters". Each section has a blank line between them. And the last
line is also a blank line. I did it this way :
cat server.key > server.keycrt
echo \ >> server.keycrt
cat server.crt >> server.keycrt
echo \ >> server.keycrt
openssl gendh 512 >> server.keycrt
The server.keycrt is the cert stunnel uses.
With partial success I mean I can connect if I don't check the client
certificate at the server (verify = 2). I believe the server can't find
the client-certificate, but I don't know why. Anyone knows how to see
which file an application tries to open ?
--
Met vriendelijke groeten,
Koenraad Lelong
R&D Manager
ACE electronics n.v.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
