![]() Include file name and line number in OpenSSL errors.Ĭompatibility with the current OpenSSL 3.0.0-dev branch.īetter performance with SSL_set_read_ahead()/SSL_pending().Ī number of testing framework fixes and improvements. New "ciphersuites" option to control the list of permitted TLS 1.3 ciphersuites. New "curves" option to control the list of elliptic curves in OpenSSL 1.1.0 and later. SMTP HELO before authentication (thx to Jacopo Giudici). ![]() Persistence is currently unsupported with session tickets. ![]() Session ticket support (requires OpenSSL 1.1.1 or later). Hexadecimal PSK keys are automatically converted to binary. Logging of the assigned bind address instead of the requested bind address.Ĭheck whether "output" is not a relative file name.Īdded sslVersion, sslVersionMin and sslVersionMax for OpenSSL 1.1.0 and later. Session resumption on other nodes in a cluster. New "ticketKeySecret" and "ticketMacSecret" options to control confidentialityĪnd integrity protection of the issued session tickets. * stunnel.keyring was accidentally installed instead Install the correct file as README.openSUSE (bsc#1150730) BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to * Don't show README.openSUSE when installing. * Use upstream nf and tailor it for openSUSE using sed. * Remove old static openSUSE provided nf. Terminate clients on exit in the FORK threading model. Thread safety fixes in SSL_SESSION object handling. Retry unsuccessful port binding on configuration Support for engines without PRNG seeding methods (thx to With POSIX.1-2008, such as 4.4BSD or Solaris. ![]() Support for realpath(3) implementations incompatible Various text files converted to Markdown format. A number of testing framework fixes and improvements. Delay startup with systemd until network is online. DH/ECDH initialization restored for client sections. Fixed memory leaks on configuration reloading errors. TLS 1.3 configuration updated for better compatibility. New securityLevel configuration file option. The "redirect" option was fixed to properly Remove pidfile from service file fixes start bug: boo#1178533 Scalability (including load-balancing), making it suitable for large deployments. Its architecture is optimized for security, portability, and Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers withoutĪny changes in the programs' code. The cer-file is located in the config-folder together with the key-file.Stunnel-5.57-lp152.2.3.1.x86_64 RPM Index I get the exact same error when changing the path so I assume that the unknown error is Stunnel not finding the file. Service : Failed to initialize TLS context SSL_CTX_use_certificate_chain_file: crypto/bio/bss_file.c:297: error:8000007B:system library::Unknown error error queue: crypto/bio/bss_file.c:300: error:10080002:BIO routines::system lib error queue: ssl/ssl_rsa.c:448: error:0A080002:SSL routines::system lib Loading certificate from file: "C:\Program Files (x86)\stunnel\config\my_fancy.cer" Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK Reading configuration from file C:\Program Files (x86)\stunnel\config\nf I have a Sectigo certificate with full chain that is PEM-encoded but I get this error: Server is down I can't get Stunnel (5.69) to start on Windows 2022 server.
0 Comments
Leave a Reply. |