Stunnel
Miloslav Hájek
miloslav.hajek na idea.cz
Středa Květen 28 11:45:30 CEST 2003
Zdravim,
mel bych jeden dotaz. Snazim se rozebehnout stunnel. Certifikat s klicem
jsem si vytvoril sam. Funguje to, ale kdyz nastavim server, aby overoval
klienta tak mi to pada. Pokud to same udelam na Win (stejný stunnel.conf i
stunnel.pem) tak to bezi. Prikladam kousek logu klienta.
Predem diky.
Miloslav Hajek
2003.05.28 11:36:46 LOG5[478:468]: stunnel 4.04 on x86-pc-mingw32-gnu WIN32
with OpenSSL 0.9.7b 10 Apr 2003
2003.05.28 11:36:46 LOG7[478:331]: RAND_status claims sufficient entropy for
the PRNG
2003.05.28 11:36:46 LOG6[478:331]: PRNG seeded successfully
2003.05.28 11:36:46 LOG7[478:331]: Certificate: cert.pem
2003.05.28 11:36:46 LOG7[478:331]: Key file: key.pem
2003.05.28 11:36:46 LOG5[478:331]: WIN32 platform: 30000 clients allowed
2003.05.28 11:36:46 LOG7[478:331]: FD 132 in non-blocking mode
2003.05.28 11:36:46 LOG7[478:331]: SO_REUSEADDR option set on accept socket
2003.05.28 11:36:46 LOG7[478:331]: http bound to 0.0.0.0:1523
2003.05.28 11:36:51 LOG7[478:331]: http accepted FD=140 from 127.0.0.1:3969
2003.05.28 11:36:51 LOG7[478:331]: FD 140 in non-blocking mode
2003.05.28 11:36:51 LOG7[478:456]: http started
2003.05.28 11:36:51 LOG5[478:456]: http connected from 127.0.0.1:3969
2003.05.28 11:36:51 LOG7[478:456]: FD 160 in non-blocking mode
2003.05.28 11:36:51 LOG7[478:456]: http connecting 10.168.1.24:993
2003.05.28 11:36:51 LOG7[478:456]: remote connect #1: EWOULDBLOCK: retrying
2003.05.28 11:36:51 LOG7[478:456]: waitforsocket: FD=160, DIR=write
2003.05.28 11:36:51 LOG7[478:456]: waitforsocket: ok
2003.05.28 11:36:51 LOG7[478:456]: remote connect #2: EINVAL: ok
2003.05.28 11:36:51 LOG7[478:456]: Remote FD=160 initialized
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): before/connect
initialization
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 write client
hello A
2003.05.28 11:36:51 LOG7[478:456]: waitforsocket: FD=160, DIR=read
2003.05.28 11:36:51 LOG7[478:456]: waitforsocket: ok
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 read server
hello A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 read server
certificate A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 read server
certificate request A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 read server
done A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 write client
certificate A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 write client
key exchange A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 write
certificate verify A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 write change
cipher spec A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 write finished
A
2003.05.28 11:36:51 LOG7[478:456]: SSL state (connect): SSLv3 flush data
2003.05.28 11:36:51 LOG7[478:456]: waitforsocket: FD=160, DIR=read
2003.05.28 11:36:51 LOG7[478:456]: waitforsocket: ok
2003.05.28 11:36:51 LOG7[478:456]: SSL alert (read): fatal: bad certificate
2003.05.28 11:36:51 LOG3[478:456]: SSL_connect: 14094412: error:14094412:SSL
routines:SSL3_READ_BYTES:sslv3 alert bad certificate
2003.05.28 11:36:51 LOG7[478:456]: http finished (0 left)
Další informace o konferenci Linux