[stunnel-users] Problems using STunnel with a non-default port



Chetan Rao, 03-16-2005

I have a personal webserver running on Win2K Pro SP4 that listens on port
17875. This server is accessible through my NAT and software firewall
(ZoneAlarm Pro). I then installed STunnel with the following conf:

[https]
accept=4430
connect=17875
TIMEOUTclose=0

Now, when I access https://<server>:4430, I get an HTTP 400 (Bad Request)
error message, with both Internet Explorer 6 and FireFox 1.01. However, if I
change the accept port from 4430 to 443 (and make the appropriate changes on
the NAT for port forwarding), and use https://<server>, it works. I don't
want to use the standard port. What am I doing wrong?

Here's the log that STunnel generated:

2005.03.16 08:33:26 LOG5[1044:288]: stunnel 4.08 on x86-pc-mingw32-gnu WIN32+IPv4 with OpenSSL 0.9.7e 25 Oct 2004
2005.03.16 08:33:26 LOG7[1044:1096]: RAND_status claims sufficient entropy for the PRNG
2005.03.16 08:33:26 LOG6[1044:1096]: PRNG seeded successfully
2005.03.16 08:33:26 LOG7[1044:1096]: Certificate: stunnel.pem
2005.03.16 08:33:26 LOG7[1044:1096]: Key file: stunnel.pem
2005.03.16 08:33:26 LOG5[1044:1096]: No limit detected for the number of clients
2005.03.16 08:33:26 LOG7[1044:1096]: FD 168 in non-blocking mode
2005.03.16 08:33:26 LOG7[1044:1096]: SO_REUSEADDR option set on accept socket
2005.03.16 08:33:26 LOG7[1044:1096]: https bound to 0.0.0.0:4430
2005.03.16 08:34:08 LOG7[1044:1096]: https accepted FD=180 from 192.168.0.2:4864
2005.03.16 08:34:08 LOG7[1044:1096]: FD 180 in non-blocking mode
2005.03.16 08:34:08 LOG7[1044:1096]: Creating a new thread
2005.03.16 08:34:08 LOG7[1044:1096]: New thread created
2005.03.16 08:34:08 LOG7[1044:896]: https started
2005.03.16 08:34:08 LOG5[1044:896]: https connected from 192.168.0.2:4864
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): before/accept initialization
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 read client hello A
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 write server hello A
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 write certificate A
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 write server done A
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 flush data
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 read client key exchange A
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 read finished A
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 write change cipher spec A
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 write finished A
2005.03.16 08:34:08 LOG7[1044:896]: SSL state (accept): SSLv3 flush data
2005.03.16 08:34:08 LOG7[1044:896]: 1 items in the session cache
2005.03.16 08:34:08 LOG7[1044:896]: 0 client connects (SSL_connect())
2005.03.16 08:34:08 LOG7[1044:896]: 0 client connects that finished
2005.03.16 08:34:08 LOG7[1044:896]: 0 client renegotiatations requested
2005.03.16 08:34:08 LOG7[1044:896]: 1 server connects (SSL_accept())
2005.03.16 08:34:08 LOG7[1044:896]: 1 server connects that finished
2005.03.16 08:34:08 LOG7[1044:896]: 0 server renegotiatiations requested
2005.03.16 08:34:08 LOG7[1044:896]: 0 session cache hits
2005.03.16 08:34:08 LOG7[1044:896]: 1 session cache misses
2005.03.16 08:34:08 LOG7[1044:896]: 0 session cache timeouts
2005.03.16 08:34:08 LOG6[1044:896]: SSL accepted: new session negotiated
2005.03.16 08:34:08 LOG6[1044:896]: Negotiated ciphers: RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
2005.03.16 08:34:08 LOG7[1044:896]: FD 200 in non-blocking mode
2005.03.16 08:34:08 LOG7[1044:896]: https connecting 127.0.0.1:17875
2005.03.16 08:34:08 LOG7[1044:896]: connect_wait: waiting 10 seconds
2005.03.16 08:34:08 LOG7[1044:896]: connect_wait: connected
2005.03.16 08:34:08 LOG7[1044:896]: Remote FD=200 initialized
2005.03.16 08:34:08 LOG7[1044:896]: Socket closed on read
2005.03.16 08:34:08 LOG7[1044:896]: SSL write shutdown
2005.03.16 08:34:08 LOG7[1044:896]: SSL alert (write): warning: close notify
2005.03.16 08:34:08 LOG7[1044:896]: SSL_shutdown retrying
2005.03.16 08:34:08 LOG7[1044:896]: s_poll_wait timeout waiting for SSL close_notify
2005.03.16 08:34:08 LOG5[1044:896]: Connection closed: 208 bytes sent to SSL, 389 bytes sent to socket
2005.03.16 08:34:08 LOG7[1044:896]: https finished (0 left)

Any help much appreciated.

Thanks.
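
Added example, not part of the original post and not stunnel's own code: a small Python summarizer for a stunnel 4.x debug log like the one above, which re-joins records split by e-mail line wrapping and reports, per connection thread, the client, the negotiated protocol and cipher, the connect target and the byte counters. The function names (records, summarize, relayed_both_ways) are hypothetical; the sample lines are copied from the log in the post.

```python
import re

# Constructed sample: records copied from the post's log, with its e-mail wrapping.
SAMPLE = """\
2005.03.16 08:34:08 LOG5[1044:896]: https connected from 192.168.0.2:4864
2005.03.16 08:34:08 LOG6[1044:896]: Negotiated ciphers: RC4-MD5
SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
2005.03.16 08:34:08 LOG7[1044:896]: https connecting 127.0.0.1:17875
2005.03.16 08:34:08 LOG7[1044:896]: connect_wait: connected
2005.03.16 08:34:08 LOG5[1044:896]: Connection closed: 208 bytes sent to
SSL, 389 bytes sent to socket
"""

# One record: "YYYY.MM.DD HH:MM:SS LOGn[pid:tid]: message"
RECORD = re.compile(r"^\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d LOG\d\[\d+:(\d+)\]: (.*)$")

def records(text):
    """Yield (thread_id, message), re-joining wrapped continuation lines."""
    current = None
    for line in text.splitlines():
        m = RECORD.match(line)
        if m:
            if current:
                yield tuple(current)
            current = [m.group(1), m.group(2)]
        elif current and line.strip():
            current[1] += " " + line.strip()  # line without a timestamp: wrapped tail
    if current:
        yield tuple(current)

def summarize(text):
    """Return {thread_id: summary dict} for each connection thread in the log."""
    out = {}
    for tid, msg in records(text):
        s = out.setdefault(tid, {})
        if m := re.search(r"connected from (\S+)", msg):
            s["client"] = m.group(1)
        elif m := re.match(r"Negotiated ciphers: (\S+)\s+(\S+)", msg):
            s["cipher"], s["protocol"] = m.groups()
        elif m := re.search(r"connecting (\S+)", msg):
            s["backend"] = m.group(1)
        elif msg == "connect_wait: connected":
            s["backend_connected"] = True
        elif m := re.search(r"(\d+) bytes sent to SSL, (\d+) bytes sent to socket", msg):
            s["to_client"], s["to_backend"] = int(m.group(1)), int(m.group(2))
    return out

def relayed_both_ways(s):
    """True when the backend accepted the connection and data flowed both ways."""
    return bool(s.get("backend_connected") and s.get("to_backend") and s.get("to_client"))
```

In stunnel's server mode, "bytes sent to socket" counts plaintext written to the connect target and "bytes sent to SSL" counts data written back to the TLS client, so non-zero values in both mean the decrypted request reached the backend and a reply was returned through the tunnel.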