David Faizulaev
2016-05-17 11:15:41 UTC
Sorry but I've was incorrect.
The application cannot send or receive messages, I thought I was able to send messages, but I was wrong.
Best Regards,
David.
David Faizulaev | PL/SQL Developer | T +972 (3) 767 3026 | M +972 (54) 7314687
Centralized OT Security Management for Distributed SCADA/ICS Networks
Please consider the environment before printing this e-mail
-----Original Message-----
From: stunnel-users [mailto:stunnel-users-***@stunnel.org] On Behalf Of David Faizulaev
Sent: Tuesday, May 17, 2016 2:13 PM
To: stunnel-***@stunnel.org
Subject: Re: [stunnel-users] Configuring Stunnel to work between client and server - possible certificate issue
I see, I have a keystore file for the server, can it be set as KEY ? can I convert keystore to PEM?
Additionally, I've thought about configuring Stunnel in client mode.
Here is the configuration:
[custom]
client = yes
accept = 127.0.0.1:8449
connect = 192.168.220.72:444
verify = 2
CAfile = server.pem
In this case, my application appears to successfully connect to Stunnel & send messages.
But when it tries to access it in order to collect messages, it fails:
(App in C++)
Error: socketReceive data failed (Requested: 4 bytes, Cur chunk size: 4 bytes. Progress: Got: 0 bytes, Left: 4 bytes): System Err: An unknown error occurred while accessing an unnamed file.
Thank you for your assistance.
Best Regards,
David.
David Faizulaev | PL/SQL Developer | T +972 (3) 767 3026 | M +972 (54) 7314687
Centralized OT Security Management for Distributed SCADA/ICS Networks
Please consider the environment before printing this e-mail
-----Original Message-----
From: stunnel-users [mailto:stunnel-users-***@stunnel.org] On Behalf Of Ludolf Holzheid
Sent: Tuesday, May 17, 2016 2:03 PM
To: stunnel-***@stunnel.org
Subject: Re: [stunnel-users] Configuring Stunnel to work between client and server - possible certificate issue
Please reply to the list, so others are able to comment too.
I don't know the 'default certificate provided by Stunnel'. I expect it to be depending on the distribution.
However, if there are "BEGIN/END CERTIFICATE" lines in your file, but no "BEGIN/END RSA PRIVATE KEY", then the file is in PEM format, but the key is missing. Maybe you have separate files for private key and certificate. If this is the case, you may either concatenate key and certificate to a single file or specify both files in the stunnel
Ludolf
--
Ludolf Holzheid
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:***@bihl-wiedemann.de
http://www.bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann Amtsgericht Mannheim, HRB 5796 _______________________________________________
stunnel-users mailing list
stunnel-***@stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
_______________________________________________
stunnel-users mailing list
stunnel-***@stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
The application cannot send or receive messages, I thought I was able to send messages, but I was wrong.
Best Regards,
David.
David Faizulaev | PL/SQL Developer | T +972 (3) 767 3026 | M +972 (54) 7314687
Centralized OT Security Management for Distributed SCADA/ICS Networks
Please consider the environment before printing this e-mail
-----Original Message-----
From: stunnel-users [mailto:stunnel-users-***@stunnel.org] On Behalf Of David Faizulaev
Sent: Tuesday, May 17, 2016 2:13 PM
To: stunnel-***@stunnel.org
Subject: Re: [stunnel-users] Configuring Stunnel to work between client and server - possible certificate issue
I see, I have a keystore file for the server, can it be set as KEY ? can I convert keystore to PEM?
Additionally, I've thought about configuring Stunnel in client mode.
Here is the configuration:
[custom]
client = yes
accept = 127.0.0.1:8449
connect = 192.168.220.72:444
verify = 2
CAfile = server.pem
In this case, my application appears to successfully connect to Stunnel & send messages.
But when it tries to access it in order to collect messages, it fails:
(App in C++)
Error: socketReceive data failed (Requested: 4 bytes, Cur chunk size: 4 bytes. Progress: Got: 0 bytes, Left: 4 bytes): System Err: An unknown error occurred while accessing an unnamed file.
Thank you for your assistance.
Best Regards,
David.
David Faizulaev | PL/SQL Developer | T +972 (3) 767 3026 | M +972 (54) 7314687
Centralized OT Security Management for Distributed SCADA/ICS Networks
Please consider the environment before printing this e-mail
-----Original Message-----
From: stunnel-users [mailto:stunnel-users-***@stunnel.org] On Behalf Of Ludolf Holzheid
Sent: Tuesday, May 17, 2016 2:03 PM
To: stunnel-***@stunnel.org
Subject: Re: [stunnel-users] Configuring Stunnel to work between client and server - possible certificate issue
Hello Ludolf,
I've printed the content of certificate file and the lines: "-----BEGIN CERTIFICATE-----" "-----END CERTIFICATE-----" exist.
In addition, I've compared the default certificate provided by Stunnel with the one I wish to use, they're structure is identical.
Hello David,I've printed the content of certificate file and the lines: "-----BEGIN CERTIFICATE-----" "-----END CERTIFICATE-----" exist.
In addition, I've compared the default certificate provided by Stunnel with the one I wish to use, they're structure is identical.
Please reply to the list, so others are able to comment too.
I don't know the 'default certificate provided by Stunnel'. I expect it to be depending on the distribution.
However, if there are "BEGIN/END CERTIFICATE" lines in your file, but no "BEGIN/END RSA PRIVATE KEY", then the file is in PEM format, but the key is missing. Maybe you have separate files for private key and certificate. If this is the case, you may either concatenate key and certificate to a single file or specify both files in the stunnel
key = my-private-key.pem
cert = my-certificate.pem
cert = my-certificate.pem
--
Ludolf Holzheid
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:***@bihl-wiedemann.de
http://www.bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann Amtsgericht Mannheim, HRB 5796 _______________________________________________
stunnel-users mailing list
stunnel-***@stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
_______________________________________________
stunnel-users mailing list
stunnel-***@stunnel.org
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users