Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- when i run this;
- openssl req -new -x509 -days 365 -nodes -config /etc/stunnel/stunnel.conf -out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem
- im getting this;
- error on line 1 of /etc/stunnel/stunnel.conf
- 21987:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing equal sign:conf_def.c:366:line 1
- stunnel.conf looks like this;
- ; Sample stunnel configuration file by Michal Trojnara 2002-2009
- ;
- ; some options used here may not be adequate for your particular configuration
- ; please read the manual and make sure you understand them
- ; certificate/key is needed in server mode and optional in client mode
- cert = /usr/local/etc/stunnel/mail.pem
- ;key = /usr/local/etc/stunnel/mail.pem
- ; protocol version (all, SSLv2, SSLv3, TLSv1)
- sslVersion = SSLv3
- ; security enhancements for UNIX systems - comment them out on Win32
- ; for chroot a copy of some devices and files is needed within the jail
- chroot = /usr/local/var/lib/stunnel/
- setuid = nobody
- setgid = nogroup
- ; PID is created inside the chroot jail
- pid = /stunnel.pid
- ; performance tunings
- socket = l:TCP_NODELAY=1
- socket = r:TCP_NODELAY=1
- ;compression = zlib
- ; workaround for Eudora bug
- ;options = DONT_INSERT_EMPTY_FRAGMENTS
- ; authentication stuff needs to be configured to prevent MITM attacks
- ; it is not enabled by default!
- ;verify = 2
- ; don't forget to c_rehash CApath
- ; CApath is located inside chroot jail
- ;CApath = /certs
- ; it's often easier to use CAfile
- ;CAfile = /usr/local/etc/stunnel/certs.pem
- ; don't forget to c_rehash CRLpath
- ; CRLpath is located inside chroot jail
- ;CRLpath = /crls
- ; alternatively CRLfile can be used
- ;CRLfile = /usr/local/etc/stunnel/crls.pem
- ; debugging stuff (may useful for troubleshooting)
- ;debug = 7
- ;output = stunnel.log
- ; SSL client mode
- ;client = yes
- ; service-level configuration
- [pop3s]
- accept = 995
- connect = 110
- [imaps]
- accept = 993
- connect = 143
- [ssmtp]
- accept = 465
- connect = 25
- ;[https]
- ;accept = 443
- ;connect = 80
- ;TIMEOUTclose = 0
- ; vim:ft=dosini
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement