HI Guys, below is the config which i have configured with TLSv1.2, but still connection establishing only for while when i telnet telnet 127.0.0.1 9233. and just after connection closed.
[TCP] client=yes cert = BBG_cert.pem key = BBG_key.pem verifyChain = yes CAfile = BBG_CACerts.pem connect = 69.191.198.34:8228 accept = 127.0.0.1:9233 sslVersion = TLSv1.2 below the logs: 2017.06.13 11:57:49 LOG5[main]: Reading configuration from file stunnel.conf 2017.06.13 11:57:49 LOG5[main]: UTF-8 byte order mark detected 2017.06.13 11:57:49 LOG5[main]: FIPS mode disabled 2017.06.13 11:57:49 LOG3[main]: Service [TCP]: Each service must define two endpoints 2017.06.13 11:57:49 LOG3[main]: Failed to reload the configuration file 2017.06.13 16:37:16 LOG5[main]: Reading configuration from file stunnel.conf 2017.06.13 16:37:16 LOG5[main]: UTF-8 byte order mark detected 2017.06.13 16:37:16 LOG5[main]: FIPS mode disabled 2017.06.13 16:37:16 LOG4[main]: Service [TCP] uses "verifyChain" without subject checks 2017.06.13 16:37:16 LOG4[main]: Use "checkHost" or "checkIP" to restrict trusted certificates 2017.06.13 16:37:16 LOG5[main]: Configuration successful 2017.06.13 16:38:38 LOG5[11]: Service [TCP] accepted connection from 127.0.0.1:62736 2017.06.13 16:38:38 LOG5[11]: s_connect: connected 69.191.198.34:8228 2017.06.13 16:38:38 LOG5[11]: Service [TCP] connected remote server from 172.16.1.23:62737 2017.06.13 16:38:39 LOG5[11]: Certificate accepted at depth=0: C=US, ST=NEW YORK, L=NEW YORK, O=Bloomberg LP, OU=FIXBETA, CN=fixbeta.bloomberg.com, [email protected] 2017.06.13 16:39:10 LOG5[11]: Connection closed: 0 byte(s) sent to TLS, 0 byte(s) sent to socket i want connection remained connected every time so that i can run the application. application can be work only if the connection remain connected. please help me to sort this out. Regards, Dheeraj Gautam On 25 May 2017 at 12:29, Małgorzata Olszówka < [email protected]> wrote: > Could you please let us know what parameters we are missing here due to >> which connection is not establishing with remote server. >> >> Although, stunnel logs indicating that configuration successful, but in >> logs no where is mentioned about the connection is it connected or not, >> > > > Hello Dheeraj, > > You should set the verifyChain option in order to verify the certificate > stored in the file specified with CAfile: > verifyChain = yes > > Then you can test your connection: > telnet 127.0.0.1 9233 > the stunnel logs will show information about the connection attempt. > > Regards, > Małgorzata > _______________________________________________ > stunnel-users mailing list > [email protected] > https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users > -- www.arborfs.com This e-mail and any attachment are confidential and contain proprietary information, some or all of which may be legally privileged. It is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient, please notify the author immediately by telephone or by replying to this e-mail, and then delete all copies of the e-mail on your system. If you are not the intended recipient, you must not use, disclose, distribute, copy, print or rely on this e-mail. Whilst we have taken reasonable precautions to ensure that this e-mail and any attachment has been checked for viruses, we cannot guarantee that they are virus free and we cannot accept liability for any damage sustained as a result of software viruses. We would advise that you carry out your own virus checks, especially before opening an attachment.
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
