I get the following error running 'sudo service stunnel4 status' :
LOG3[0]: SSL_accept: ../ssl/record/ssl3_record.c:331: error:1408F10B:SSL
routines:ssl3_get_record:wrong version number
is that merely a mismatch between openSSL versions used by client and server?
I have tried changing the config file options, also with no specification since
the default according to stunnel.org is:
options = NO_SSLv2
options = NO_SSLv3
I have tried (service level option):
sslVersion = TLSv1
Same error. When running sudo service stunnel4 status after start:
May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: Threading:PTHREAD
Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP
May 12 08:22:45 user-Linux stunnel4[16616]: Starting TLS tunnels:
/etc/stunnel/stunnel.conf: started
May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: Reading configuration
from file /etc/stunnel/stunnel.conf
May 12 08:22:45 user-Linux systemd[1]: Started LSB: Start or stop stunnel
4.x (TLS tunnel for network daemons).
May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: UTF-8 byte order mark
not detected
May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: FIPS mode disabled
May 12 08:22:45 user-Linux stunnel[16630]: LOG4[ui]: Insecure file
permissions on /var/lib/stunnel4/psk.txt
May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: Configuration
successful
May 12 08:22:45 user-Linux stunnel[16630]: LOG5[ui]: Switched to chroot
directory: /var/lib/stunnel4/
May 12 08:22:45 user-Linux stunnel[16632]: LOG5[cron]: Updating DH
parameters
After trying to make a connection via FIX connection:
May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Service [**redacted**]
started
May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Setting local socket
options (FD=3)
May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Option TCP_NODELAY set
on local socket
May 12 08:28:04 user-Linux stunnel[16798]: LOG5[0]: Service [**redacted**]
accepted connection from 127.0.0.1:51954
May 12 08:28:04 user-Linux stunnel[16798]: LOG6[0]: Peer certificate not
required
May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: TLS state (accept):
before SSL initialization
May 12 08:28:04 user-Linux stunnel[16798]: LOG3[0]: SSL_accept:
../ssl/record/ssl3_record.c:331: error:1408F10B:SSL
routines:ssl3_get_record:wrong version number
May 12 08:28:04 user-Linux stunnel[16798]: LOG5[0]: Connection reset: 0
byte(s) sent to TLS, 0 byte(s) sent to socket
May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Local descriptor (FD=3)
closed
May 12 08:28:04 user-Linux stunnel[16798]: LOG7[0]: Service [**redacted**]
finished (0 left)
_______________________________________________
stunnel-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
