Re: [stunnel-users] Trying to get stunnel to work for forwarding

Getting closer. I now get-

[van@mailserver ]$ sudo stunnel /usr/local/etc/stunnel/stunnel.conf
localhost:ipop3

2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/
local/etc/stunnel/mail.pem
2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/
local/etc/stunnel/mail.pem
2007.06.21 11:51:27 LOG4[15899:3086476992]: Wrong permissions on /usr/
local/etc/stunnel/mail.pem

But that doesn't make sense to me. mail.pem permissions are the same
as my cert's and it works fine.

[van@mailserver change_passwd]$ ls -al /usr/local/etc/stunnel/mail.pem
-rw-r--r-- 1 root root 2942 Jun 20 18:21 /usr/local/etc/stunnel/
mail.pem

[van@mailserver change_passwd]$ ls -al /etc/httpd/certs/www.crt
-rw-r--r-- 1 root root 1074 Jun 1 12:30 /etc/httpd/certs/www.crt

Is the error misleading? Or what should the mail.pem perms be?

Van



On Jun 20, 2007, at 9:33 PM, Kevin Cook wrote:

>
> If you are using a stunnel.conf file, I would replace the '-d pop3s
> -r'
> with the absolute path to the .conf file:
>
> sudo /usr/local/sbin/stunnel /usr/local/etc/stunnel/stunnel.conf
>
> I believe command line options were typically used more in older
> versions, but now all configuration is done in the configuration file.
>
>
> Kevin
>
> -----Original Message-----
> From: Van [mailto:vanyel@medusa.bioc.aecom.yu.edu]
> Sent: Wednesday, June 20, 2007 6:03 PM
> To: stunnel-users@mirt.net
> Subject: [stunnel-users] Trying to get stunnel to work for forwarding
> pop3sto ipop3 port
>
> Hello,
>
> This is my introduction to stunnel. I've inherited control of a
> pop3 and
> imap server running Red Hat Linux 4 that I want to access via pop3s
> and
> imaps. I'm starting out with securing the pop3 since most users are
> using it.
>
> I downloaded stunnel 4.20 and compiled it according to the
> instructions
> on stunnel.org.
>
> I read the certificates section of the site and made a new .pem file
> that I named mail.pem and have in the /usr/local/etc/stunnel/
> directory
> that /usr/local/etc/stunnel/stunnel.conf asks for. But when I try to
> run stunnel like in the Examples section I get :
>
> [van@mailserver ~]$ sudo /usr/local/sbin/stunnel -d pop3s -r
> localhost:ipop3
> 2007.06.20 17:59:54 LOG3[25516:3086419648]: -d: No such file or
> directory (2)
> Syntax:
> stunnel [<filename>] ] -fd <n> | -help | -version | -sockets
> <filename> - use specified config file instead of /usr/local/
> etc/stunnel/stunnel.conf
> -fd <n> - read the config file from a file descriptor
> -help - get config file help
> -version - display version and defaults
> -sockets - display default socket options
>
> I'm a little lost here. Never dealt with a .pem file before stunnel.
> I have a self-signed cert I'm successfully using for https webmail on
> the server and guessing stunnel couldn't see that, I appended my file
> 'mailserver.crt' into my mail.pem file and edited stunnel.conf so it
> has
>
> ;CAfile = /usr/local/etc/stunnel/certs.pem CAfile =
> /usr/local/etc/stunnel/mail.pem
>
> but no dice. Same result.
>
> Trying to debug, I find 'stunnel -V' also gives the same result.
>
> Can someone point out what's going wrong?
>
>
> -Van
> _______________________________________________
> stunnel-users mailing list
> stunnel-users@mirt.net
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users
>
>

_______________________________________________
stunnel-users mailing list
stunnel-users@mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users