Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 66889

Summary: SSL error in net-misc/stunnel-4.05
Product: Gentoo Linux Reporter: Kevin Williams <kevwil>
Component: New packagesAssignee: Lance Albertson (RETIRED) <ramereth>
Status: RESOLVED NEEDINFO    
Severity: normal CC: aliz, stian
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard:
Package list:
Runtime testing required: ---

Description Kevin Williams 2004-10-09 09:07:42 UTC 
Possibly relating to bug #60733. First documented in http://forums.gentoo.org/viewtopic.php?t=182240.

When I do this:

./CA.pl -sign
Using configuration from /etc/ssl/openssl.cnf
11094:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=CA_default name=unique_subject
Enter pass phrase for ./demoCA/private/cakey.pem:

I can enter the correct pass phrase and the process completes OK.

Then I do this:

openssl x509 -in newcert.pem -out /etc/stunnel/stunnel.pem

And that is fine.

When I run stunnel, I get this:


2004.06.05 20:46:04 LOG5[11074:16384]: stunnel 4.04 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7d 17 Mar 2004
2004.06.05 20:46:04 LOG3[11074:16384]: error stack: 140B3009 : error:140B3009:SSL routines:SSL_CTX_use_RSAPrivateKey_file:PEM lib
2004.06.05 20:46:04 LOG3[11074:16384]: SSL_CTX_use_RSAPrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line
Comment 1 Stian Skjelstad 2005-03-07 19:47:41 UTC 
Where do you get ./CA.pl from? What directory are you in? Some errors with x509 can come from entries being invalid, such as giving a country string longer that 2 bytes, or null-length common-name etc. Need info would be needed in order to identify your problem.

/usr/share/doc/4.05/ca.pl is the closest I can see from stunnel, or /etc/ssl/misc/CA.pl from the openssl package itself.
Comment 2 Lance Albertson (RETIRED) gentoo-dev 2005-05-13 20:00:32 UTC 
Are you still having this problem?
Comment 3 Lance Albertson (RETIRED) gentoo-dev 2005-05-13 20:01:00 UTC 
Please let me know! :)
Comment 4 Kevin Williams 2005-05-13 22:45:02 UTC 
Yes, nothing has changed.
Comment 5 Lance Albertson (RETIRED) gentoo-dev 2005-05-13 23:02:58 UTC 
Can you try the 4.09 version in portage? I just committed that today.