Not sure this is the right place to post this, but the client and server are both RaspberryPi 4 ![:)]( "Smile")
Here is the Server stunnel.conf:Here is the client stunnel.confI get 'bad psk' in the client stunnel4 log
and on the server I get 'read error' in the stunnel4.log
So it seems the client is not able to generate the PSK properly.
If I switch to TSLv1.2, everything works fine, but I get warnings about using TLS1.2 and docs on the net recommend 1.3 as it being more secure and faster.
stunnel4 version 5.5.0
OpenSSL version 1.1.1n
Ideas?
Thanks!
Here is the Server stunnel.conf:
Code:
sslVersion = TLSv1.3options = NO_SSLv2cert = /etc/stunnel/server.pempid = /var/run/stunnel4/stunnel.pidoutput = /var/log/stunnelsocket = l:TCP_NODELAY=1CAfile = /etc/stunnel/server.pemverify = 3[openvpn]client = noaccept = 9843connect = x.x.x.x:yyyyPSKsecrets = /etc/stunnel/secrets.txtCode:
socket = r:TCP_NODELAY=1client = yessslVersion = TLSv1.3[client]client = yesaccept = x.x.x.x:yyyyconnect = a.a.a.a:bbbbcert = /etc/stunnel/NewPortal.pemPSKsecrets = /etc/stunnel/secrets.txtand on the server I get 'read error' in the stunnel4.log
So it seems the client is not able to generate the PSK properly.
If I switch to TSLv1.2, everything works fine, but I get warnings about using TLS1.2 and docs on the net recommend 1.3 as it being more secure and faster.
stunnel4 version 5.5.0
OpenSSL version 1.1.1n
Ideas?
Thanks!
Statistics: Posted by Prof. R. Myrkr — Sat Jun 07, 2025 3:41 am — Replies 2 — Views 65