George Stoianov schreef:
I have used this: http://www.5dollarwhitebox.org/wiki/index.php/Howtos_Self_Signed_SSL_Certifi...
To create a csr and cert etc. I had to only add a flag to generate the file for the serial number. I am not sure what is causing this issue, but trying a different approach may help or llead to a different error message. HTH George
... Well, I tried another howto, about adding TLS support to Postfix, which worked for my mail-server. But this didn't work either for stunnel. Finally I combined some howto's and I got partial success. One has to append the private key, the certificate and "Diffie-Hellman parameters". Each section has a blank line between them. And the last line is also a blank line. I did it this way : cat server.key > server.keycrt echo \ >> server.keycrt cat server.crt >> server.keycrt echo \ >> server.keycrt openssl gendh 512 >> server.keycrt The server.keycrt is the cert stunnel uses. With partial success I mean I can connect if I don't check the client certificate at the server (verify = 2). I believe the server can't find the client-certificate, but I don't know why. Anyone knows how to see which file an application tries to open ? -- Met vriendelijke groeten, Koenraad Lelong R&D Manager ACE electronics n.v. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org