[stunnel-users] Connecting to Oracle errors to Connection reset by peer (104)

Hello. Anybody has working setup with Oracle (SQLPlus)? Mine ends up with "Connection reset by peer". Server pid = /var/run/stunnel-oracle.pid cert = /etc/stunnel/stunnel.pem debug = 7 output = /var/log/stunnel/stunnel.log client = no [oracle] accept = 1.2.3.4:11521 connect = 127.0.0.1:1521 stunnel -version Initializing inetd mode configuration stunnel 5.71 on x86_64-redhat-linux-gnu platform Compiled/running with OpenSSL 1.1.1k FIPS 25 Mar 2021 Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Global options: fips = no RNDbytes = 1024 RNDfile = /dev/urandom RNDoverwrite = yes Service-level options: ciphers = PROFILE=SYSTEM (with "fips = yes") ciphers = PROFILE=SYSTEM (with "fips = no") ciphersuites = TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 (with TLSv1.3) curves = P-256:P-521:P-384 (with "fips = yes") curves = X25519:P-256:X448:P-521:P-384 (with "fips = no") debug = daemon.notice logId = sequential options = NO_SSLv2 options = NO_SSLv3 securityLevel = 2 sessionCacheSize = 1000 sessionCacheTimeout = 300 seconds stack = 65536 bytes TIMEOUTbusy = 300 seconds TIMEOUTclose = 60 seconds TIMEOUTconnect = 10 seconds TIMEOUTidle = 43200 seconds TIMEOUTocsp = 5 seconds verify = none Client debug = 7 output = stunnel.log client = yes [oracle] accept = 127.0.0.1:50102 connect = 1.2.3.4:11521 verifyChain = no stunnel 5.77 on x64-pc-mingw32-gnu platform Compiled/running with OpenSSL 3.5.5 27 Jan 2026 Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI Global options: fips = no RNDbytes = 1024 RNDoverwrite = yes taskbar = yes Service-level options: ciphers = FIPS:!DH:!kDHEPSK (with "fips = yes") ciphers = HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK (with "fips = no") ciphersuites = TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 (with TLSv1.3) curves = P-256:P-521:P-384 (with "fips = yes") curves = X25519MLKEM768:X25519:P-256:X448:P-521:P-384 (with "fips = no") debug = notice logId = sequential options = NO_SSLv2 options = NO_SSLv3 securityLevel = 2 sessionCacheSize = 1000 sessionCacheTimeout = 300 seconds stack = 131072 bytes TIMEOUTbusy = 300 seconds TIMEOUTclose = 60 seconds TIMEOUTconnect = 10 seconds TIMEOUTidle = 43200 seconds TIMEOUTocsp = 5 seconds verify = none Debug logs from server (client logs are similar) 2026.03.26 12:54:18 LOG7[main]: Found 1 ready file descriptor(s) 2026.03.26 12:54:18 LOG7[main]: FD=4 events=0x2001 revents=0x0 2026.03.26 12:54:18 LOG7[main]: FD=9 events=0x2001 revents=0x1 2026.03.26 12:54:18 LOG7[main]: Service [oracle] accepted (FD=3) from 4.5.6.7:54017 2026.03.26 12:54:18 LOG7[3]: Service [oracle] started 2026.03.26 12:54:18 LOG7[3]: Setting local socket options (FD=3) 2026.03.26 12:54:18 LOG7[3]: Option TCP_NODELAY set on local socket 2026.03.26 12:54:18 LOG5[3]: Service [oracle] accepted connection from 4.5.6.7:54017 2026.03.26 12:54:18 LOG6[3]: Peer certificate not required 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): before SSL initialization 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): before SSL initialization 2026.03.26 12:54:18 LOG7[3]: Initializing application specific data for session authenticated 2026.03.26 12:54:18 LOG7[3]: Decrypt session ticket callback 2026.03.26 12:54:18 LOG6[3]: Decrypted ticket for an authenticated session: yes 2026.03.26 12:54:18 LOG7[3]: SNI: no virtual services defined 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): SSLv3/TLS read client hello 2026.03.26 12:54:18 LOG7[3]: Deallocating application specific data for session connect address 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): SSLv3/TLS write server hello 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): SSLv3/TLS write change cipher spec 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): TLSv1.3 early data 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): TLSv1.3 early data 2026.03.26 12:54:18 LOG7[3]: Initializing application specific data for session authenticated 2026.03.26 12:54:18 LOG7[3]: Decrypt session ticket callback 2026.03.26 12:54:18 LOG6[3]: Decrypted ticket for an authenticated session: yes 2026.03.26 12:54:18 LOG7[3]: SNI: no virtual services defined 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): SSLv3/TLS read client hello 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): SSLv3/TLS write server hello 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): TLSv1.3 write encrypted extensions 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): SSLv3/TLS write finished 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): TLSv1.3 early data 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): TLSv1.3 early data 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): SSLv3/TLS read finished 2026.03.26 12:54:18 LOG7[3]: 4 server accept(s) requested 2026.03.26 12:54:18 LOG7[3]: 4 server accept(s) succeeded 2026.03.26 12:54:18 LOG7[3]: 0 server renegotiation(s) requested 2026.03.26 12:54:18 LOG7[3]: 2 session reuse(s) 2026.03.26 12:54:18 LOG7[3]: 3 internal session cache item(s) 2026.03.26 12:54:18 LOG7[3]: 0 internal session cache fill-up(s) 2026.03.26 12:54:18 LOG7[3]: 0 internal session cache miss(es) 2026.03.26 12:54:18 LOG7[3]: 0 external session cache hit(s) 2026.03.26 12:54:18 LOG7[3]: 0 expired session(s) retrieved 2026.03.26 12:54:18 LOG7[3]: Initializing application specific data for session authenticated 2026.03.26 12:54:18 LOG7[3]: Deallocating application specific data for session connect address 2026.03.26 12:54:18 LOG7[3]: Generate session ticket callback 2026.03.26 12:54:18 LOG7[3]: Initializing application specific data for session authenticated 2026.03.26 12:54:18 LOG7[3]: Deallocating application specific data for session connect address 2026.03.26 12:54:18 LOG7[3]: New session callback 2026.03.26 12:54:18 LOG6[3]: No peer certificate received 2026.03.26 12:54:18 LOG6[3]: Session id: 483B0F9A7D229A299E5FE0AF18B9BC00D26CFB781A363ABC612E6C8481EE8D11 2026.03.26 12:54:18 LOG7[3]: TLS state (accept): SSLv3/TLS write session ticket 2026.03.26 12:54:18 LOG6[3]: TLS accepted: previous session reused 2026.03.26 12:54:18 LOG6[3]: TLSv1.3 ciphersuite: TLS_AES_256_GCM_SHA384 (256-bit encryption) 2026.03.26 12:54:18 LOG6[3]: Peer temporary key: X25519, 253 bits 2026.03.26 12:54:18 LOG7[3]: Compression: null, expansion: null 2026.03.26 12:54:18 LOG6[3]: Session id: 483B0F9A7D229A299E5FE0AF18B9BC00D26CFB781A363ABC612E6C8481EE8D11 2026.03.26 12:54:18 LOG6[3]: s_connect: connecting 127.0.0.1:1521 2026.03.26 12:54:18 LOG7[3]: s_connect: s_poll_wait 127.0.0.1:1521: waiting 10 seconds 2026.03.26 12:54:18 LOG7[3]: FD=6 events=0x2001 revents=0x0 2026.03.26 12:54:18 LOG7[3]: FD=11 events=0x2005 revents=0x1 2026.03.26 12:54:18 LOG5[3]: s_connect: connected 127.0.0.1:1521 2026.03.26 12:54:18 LOG6[3]: persistence: 127.0.0.1:1521 cached 2026.03.26 12:54:18 LOG5[3]: Service [oracle] connected remote server from 127.0.0.1:43694 2026.03.26 12:54:18 LOG7[3]: Setting remote socket options (FD=11) 2026.03.26 12:54:18 LOG7[3]: Option TCP_NODELAY set on remote socket 2026.03.26 12:54:18 LOG7[3]: Remote descriptor (FD=11) initialized 2026.03.26 12:54:18 LOG6[3]: TLS fd: Connection reset by peer (104) 2026.03.26 12:54:18 LOG6[3]: transfer: SSL_read: Socket is closed 2026.03.26 12:54:18 LOG6[3]: TLS socket closed (SSL_read) 2026.03.26 12:54:18 LOG7[3]: Sent socket write shutdown 2026.03.26 12:54:18 LOG5[3]: Connection closed: 190 byte(s) sent to TLS, 663 byte(s) sent to socket 2026.03.26 12:54:18 LOG7[3]: Deallocating application specific data for session connect address 2026.03.26 12:54:18 LOG7[3]: Remote descriptor (FD=11) closed 2026.03.26 12:54:18 LOG7[3]: Local descriptor (FD=3) closed 2026.03.26 12:54:18 LOG7[3]: Service [oracle] finished (0 left)