Hello!
 
I'm trying to provide HTTPS support, using stunnel-5.40 built with openssl-1.0.2k, to the BusyBox httpd server on an embedded Petalinux system.
 
Cross compilation was successful.
 
Then I configured stunnel with:
 
setgid = www-data
 
pid = /stunnel.pid
 
cert = /etc/stunnel/cert/serverCert.crt
key = /etc/stunnel/cert/serverKey.pem
 
debug = 7
output = /stunnel.log
 
options = ALL
options = NO_SSLv2
 
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
 
verify = 2
 
CApath = /certs
CAfile = /etc/stunnel/cert/CA.crt
 
[https]
accept = 443            
connect = 127.0.0.1:80
TIMEOUTclose = 0
 
Then I ran stunnel and tried connecting to the server's secured port :443. The browser was loading the web page for about 1-2 minutes but could not load it. The log is as follows:
 
1970.01.01 03:40:04 LOG7[main]: Service [https] accepted (FD=9) from 192.168.0.5:50670
1970.01.01 03:40:04 LOG7[1]: Service [https] started
1970.01.01 03:40:04 LOG7[1]: Option TCP_NODELAY set on local socket
1970.01.01 03:40:04 LOG5[1]: Service [https] accepted connection from 192.168.0.5:50670
1970.01.01 03:40:04 LOG6[1]: Peer certificate required
1970.01.01 03:40:04 LOG7[1]: TLS state (accept): before/accept initialization
1970.01.01 03:40:04 LOG7[1]: SNI: no virtual services defined
1970.01.01 03:40:04 LOG7[1]: TLS state (accept): SSLv3 read client hello A
1970.01.01 03:40:04 LOG7[1]: TLS state (accept): SSLv3 write server hello A
1970.01.01 03:40:04 LOG7[1]: TLS state (accept): SSLv3 write certificate A
 
1970.01.01 03:43:52 LOG7[main]: Found 1 ready file descriptor(s)
1970.01.01 03:43:52 LOG7[main]: FD=4 events=0x2001 revents=0x0
1970.01.01 03:43:52 LOG7[main]: FD=7 events=0x2001 revents=0x1
1970.01.01 03:43:52 LOG7[main]: Service [https] accepted (FD=10) from 192.168.0.5:50794
1970.01.01 03:43:52 LOG7[main]: Found 1 ready file descriptor(s)
1970.01.01 03:43:52 LOG7[2]: Service [https] started
1970.01.01 03:43:52 LOG7[main]: FD=4 events=0x2001 revents=0x0
1970.01.01 03:43:52 LOG7[2]: Option TCP_NODELAY set on local socket
1970.01.01 03:43:52 LOG7[main]: FD=7 events=0x2001 revents=0x1
1970.01.01 03:43:52 LOG5[2]: Service [https] accepted connection from 192.168.0.5:50794
1970.01.01 03:43:52 LOG7[main]: Service [https] accepted (FD=11) from 192.168.0.5:50796
1970.01.01 03:43:52 LOG6[2]: Peer certificate required
1970.01.01 03:43:52 LOG7[3]: Service [https] started
1970.01.01 03:43:52 LOG7[2]: TLS state (accept): before/accept initialization
1970.01.01 03:43:52 LOG7[3]: Option TCP_NODELAY set on local socket
1970.01.01 03:43:52 LOG5[3]: Service [https] accepted connection from 192.168.0.5:50796
1970.01.01 03:43:52 LOG7[2]: SNI: no virtual services defined
1970.01.01 03:43:52 LOG6[3]: Peer certificate required
1970.01.01 03:43:52 LOG7[2]: TLS state (accept): SSLv3 read client hello A
1970.01.01 03:43:52 LOG7[2]: TLS state (accept): SSLv3 write server hello A
1970.01.01 03:43:52 LOG7[3]: TLS state (accept): before/accept initialization
1970.01.01 03:43:53 LOG7[2]: TLS state (accept): SSLv3 write certificate A
1970.01.01 03:43:53 LOG7[3]: SNI: no virtual services defined
1970.01.01 03:43:53 LOG7[3]: TLS state (accept): SSLv3 read client hello A
1970.01.01 03:43:53 LOG7[3]: TLS state (accept): SSLv3 write server hello A
1970.01.01 03:43:53 LOG7[3]: TLS state (accept): SSLv3 write certificate A
 
Please help me understand what I did wrong.
 
 
-- 
Best wishes,
Synkov.A
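
An added example, not part of the original post or of stunnel itself: a small Python script that groups a `debug = 7` log like the one above by connection thread and reports the last TLS handshake state each connection logged and how long it has been silent since. The sample lines are copied from the post and shortened; the function name and the summary field names are hypothetical.

```python
import re
from datetime import datetime

# Constructed sample: lines taken from the log in the post, shortened.
SAMPLE_LOG = """\
1970.01.01 03:40:04 LOG7[main]: Service [https] accepted (FD=9) from 192.168.0.5:50670
1970.01.01 03:40:04 LOG5[1]: Service [https] accepted connection from 192.168.0.5:50670
1970.01.01 03:40:04 LOG6[1]: Peer certificate required
1970.01.01 03:40:04 LOG7[1]: TLS state (accept): SSLv3 read client hello A
1970.01.01 03:40:04 LOG7[1]: TLS state (accept): SSLv3 write server hello A
1970.01.01 03:40:04 LOG7[1]: TLS state (accept): SSLv3 write certificate A
1970.01.01 03:43:52 LOG5[2]: Service [https] accepted connection from 192.168.0.5:50794
1970.01.01 03:43:52 LOG6[2]: Peer certificate required
1970.01.01 03:43:52 LOG7[2]: TLS state (accept): SSLv3 read client hello A
"""

LINE = re.compile(r"^(\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d) LOG(\d)\[(\w+)\]: (.*)$")
STATE = "TLS state (accept): "

def summarize(log_text):
    """Return {thread_id: summary} for every per-connection thread in the log."""
    conns, log_end = {}, None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y.%m.%d %H:%M:%S")
        log_end = ts                      # timestamp of the newest line seen so far
        tid, msg = m.group(3), m.group(4)
        if tid == "main":                 # listener thread, not a connection
            continue
        c = conns.setdefault(tid, {"peer": None, "cert_required": False,
                                   "last_state": None})
        if "accepted connection from " in msg:
            c["peer"] = msg.rsplit(" ", 1)[1]
        elif msg == "Peer certificate required":
            c["cert_required"] = True
        elif msg.startswith(STATE):
            c["last_state"] = msg[len(STATE):]
        c["last_msg"], c["last_seen"] = msg, ts
    for c in conns.values():
        # The handshake is still open if the thread's final line is a TLS state line.
        c["handshake_open"] = c["last_msg"].startswith(STATE)
        c["idle_seconds"] = int((log_end - c.pop("last_seen")).total_seconds())
    return conns

if __name__ == "__main__":
    for tid, c in summarize(SAMPLE_LOG).items():
        print(tid, c)
```

On the sample, connection 1 is reported with a peer certificate required, a last state of `SSLv3 write certificate A`, and 228 seconds of silence up to the end of the log.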