See comments below:
On Thursday, April 22, 2021, 06:15:33 PM GMT-5, <yf...@seas.upenn.edu>
wrote:
Thanks for your reply Jose.
As for your first question, I receive the plaintext packets in port 6666 on the
server side. I print it out by tcpdump -A.
About the second question, I think adding client=yes to sender's config file
and client=no to receiver's config file is not helpful. I tried this before and
nothing changes.
JAD: Of course, it has effect. To create a TLS tunnel you need a TLS client and
a TLS server.
Also, I am kind of confused how to run stunnel between server and client.
Currently what I am doing is run command "sudo stunnel stunnel.config" in my
server side, and run another "sudo stunnel stunnel.config" with slight
difference in the configuration file. Is that correct?
JAD: You may have running instances of stunnel. Your configuration changes or
command line invocations may not be executing. You need to take a look at the
location you define for your logs, to see what's happening. Check your active
processes and the active TCP binds. Examples:
ps -ef | egrep [s]tunnelnetstat -an | grep :6666netstat -an | grep :6667
If you get nothing from this commands, you're good to go. Otherwise, you have
to kill the running process first.
Also check your logs:
less /home/ubuntu/client_server/stunnel.log
Also, check the file permissions of your keys and certificate files. Unsecure
permissions for a private key will not work. Also, if you don't find your logs
or there's no information in them, the user you are running may not have
permissions to write. You can can do a trace running stunnel under strace, like
this.
strace /usr/bin/stunnel /etc/stunnel.conf
Ýou'll get a lot of outpt in your screen, but if you know how to read it will
show what's wrong,
And finally, How are you pushing the clear text into the tunnel?
I think I gave you all information to put you on track of solving your problems.
regards,
Jose
_______________________________________________
stunnel-users mailing list -- stunnel-users@stunnel.org
To unsubscribe send an email to stunnel-users-le...@stunnel.org
_______________________________________________
stunnel-users mailing list -- stunnel-users@stunnel.org
To unsubscribe send an email to stunnel-users-le...@stunnel.org
