Re: [stunnel-users] Cert errors ....... need help!

Jan Meijer said:
> Hi Richard,
>
> On Thu, 17 Mar 2005, Richard Houston wrote:
>
>> I have take over a stunnel install and all the clients certs have
>> expired.
>
> I didn't read anywhere in your logs the certs had expired ;).
>
> Could you please send over the config of both your server and your client?
> It's probably something simple but looks like you made errors in both
> configs.
>
>
> Jan
>
Hi Jan,

I have replace the keys alreay. These are new keys altogether.

Here is the configs as requested:

Server:


cert = /etc/stunnel/server.pem
#chroot = /usr/local/var/run/stunnel/
# PID is created inside chroot jail
pid = /tmp/stunnel.pid
setuid = nobody
#setgid = nogroup
foreground = no

# Workaround for Eudora bug
#options = DONT_INSERT_EMPTY_FRAGMENTS

# Authentication stuff
verify = 333
# don't forget about c_rehash CApath
# it is located inside chroot jail:
#CApath = /etc/stunnel/certs
# or simply use CAfile instead:
CAfile = /etc/stunnel/cacert.pem

# Some debugging stuff
debug = 7
output = /var/log/stunnel.log

# Use it for client mode
#client = yes

# Service-level configuration


[school4]
accept = XX.XXX.XXX.XXX:443
connect = 10.10.10.12:23
TIMEOUTidle = 3600

Client:

CApath=c:\stunnel
#cert=c:\stunnel\traf-test.pem
client = yes
verify = 2
debug=7

[schools]
accept = 23
connect = XX.XXXX.XX.XX:443

Thanks for the help!


_______________________________________________
stunnel-users mailing list
stunnel-users@mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users