Hi, I am new to stunnel on a MAC. When I run stunnel with the enabled configuration [mllp-to-dip], I am prompted for a local password and then for my certificate passphrase. I am not able to establish a tunnel. See logs:
Initializing service [mllp-to-dip] [ ] stunnel default security level set: 2 [ ] Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK [ ] TLSv1.3 ciphersuites: TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 [ ] TLS options: 0x2100000 (+0x0, -0x0) [ ] Session resumption enabled [ ] Loading certificate from file: /opt/homebrew/etc/stunnel/test_client.cert.pem [ ] Certificate loaded from file: /opt/homebrew/etc/stunnel/test_client.cert.pem [ ] Loading private key from file: /opt/homebrew/etc/stunnel/test_client_cert.pem [:] Insecure file permissions on /opt/homebrew/etc/stunnel/test_client_cert.pem [ ] Private key loaded from file: /opt/homebrew/etc/stunnel/test_client_cert.pem [ ] Private key check succeeded [:] Service [mllp-to-dip] needs authentication to prevent MITM attacks [ ] DH initialization skipped: client section [ ] ECDH initialization [ ] ECDH initialized with curves X25519:P-256:X448:P-521:P-384 [.] Configuration successful [ ] Deallocating deployed section defaults [ ] Binding service [mllp-to-dip] [ ] Listening file descriptor created (FD=9) [ ] Setting accept socket options (FD=9) [ ] Option SO_REUSEADDR set on accept socket [.] Binding service [mllp-to-dip] to :::6661: Address already in use (48) [ ] Listening file descriptor created (FD=9) [ ] Setting accept socket options (FD=9) [ ] Option SO_REUSEADDR set on accept socket [.] Binding service [mllp-to-dip] to 0.0.0.0:6661: Address already in use (48) [!] Binding service [mllp-to-dip] failed [ ] Unbinding service [mllp-to-dip] [ ] Service [mllp-to-dip] closed [ ] Deallocating deployed section defaults [ ] Deallocating section [mllp-to-dip] Can someone help with my troubleshooting steps? _______________________________________________ stunnel-users mailing list -- [email protected] To unsubscribe send an email to [email protected]
