stunnel is a SSH Wrapper in Linux.
While attempting to use stunnel in DAB, the general notes given on the home page has paths for various files in different places if done via
The configuration file for stunnel is stored at the default location:
The ssl certificate template is at:
Generate the PEM file at /etc/stunnel/ location using:
or
The c_hash script is at /usr/lib/ssl/misc/ and is used to generate a hash for PEM file naming:
This prints the result as:
The general DAB Cert Store is at:
If you get:
Then fix the permission:
Usage to generate the check (-h is an invalid option):
While attempting to use stunnel in DAB, the general notes given on the home page has paths for various files in different places if done via
Code:
# apt-get install stunnel
The configuration file for stunnel is stored at the default location:
Code:
/etc/stunnel/stunnel.conf
Code:
/usr/share/doc/stunnel4/examples/stunnel.cnf
Code:
make-ssl-cert /usr/share/doc/stunnel4/examples/stunnel.cnf stunnel.pem
Code:
cp /usr/share/doc/stunnel4/examples/stunnel.cnf /etc/stunnel/stunnel.cnf
openssl req -new -x509 -days 365 -nodes -config stunnel.cnf -out stunnel.pem -keyout stunnel.pem
Code:
/usr/lib/ssl/misc/c_hash stunnel.pem
Code:
e56d2502.0 => stunnel.pem
Code:
/etc/ssl/certs/
If you get:
Code:
Wrong permissions on /etc/stunnel/stunnel.pem
Code:
# chmod 600 /etc/stunnel/stunnel.pem
Code:
# stunnel -h
Unknown option: h
2010.04.05 05:59:37 LOG7[24949:3083314864]: Snagged 64 random bytes from /root/.rnd
2010.04.05 05:59:37 LOG7[24949:3083314864]: Wrote 1024 new random bytes to /root/.rnd
2010.04.05 05:59:37 LOG7[24949:3083314864]: RAND_status claims sufficient entropy for the PRNG
2010.04.05 05:59:37 LOG7[24949:3083314864]: PRNG seeded successfully
2010.04.05 05:59:37 LOG7[24949:3083314864]: Certificate: /etc/stunnel/stunnel.pem
2010.04.05 05:59:37 LOG7[24949:3083314864]: Certificate loaded
2010.04.05 05:59:37 LOG7[24949:3083314864]: Key file: /etc/stunnel/stunnel.pem
2010.04.05 05:59:37 LOG7[24949:3083314864]: Private key loaded
2010.04.05 05:59:37 LOG7[24949:3083314864]: SSL context initialized for service stunnel
inetd mode must define a remote host or an executable
Last edited: