
System specs:
HP-UX 11.11
Stunnel 4.15
OpenSSL 0.8.7i

Config File:

; Certificate/key is needed in server mode and optional in client mode
;cert = /opt/iexpress/stunnel/etc/stunnel/mail.pem
;key = /opt/iexpress/stunnel/etc/stunnel/mail.pem

; Some security enhancements for UNIX systems - comment them out on Win32
;chroot = /opt/iexpress/stunnel/var/lib/stunnel/
;setuid = nobody
;setgid = nogroup
; PID is created inside chroot jail
pid = /tmp/stunnel.pid

; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
;compression = rle

; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS

; Authentication stuff
;verify = 2
; Don't forget to c_rehash CApath
; CApath is located inside chroot jail
;CApath = /certs
; It's often easier to use CAfile
;CAfile = /opt/iexpress/stunnel/etc/stunnel/certs.pem
; Don't forget to c_rehash CRLpath
; CRLpath is located inside chroot jail
;CRLpath = /crls
; Alternatively you can use CRLfile
;CRLfile = /opt/iexpress/stunnel/etc/stunnel/crls.pem

; Some debugging stuff useful for troubleshooting
debug = 7
;foreground = yes
output = stunnel.log

; Service-level configuration

[pop3s]
; Use it for client mode
client = yes
;accept = 995
;connect = 110
accept = localhost:110
connect = POP3S.MAILSERVER:995

;[imaps]
;accept = 993
;connect = 143

;[ssmtp]
;accept = 465
;connect = 25

;[https]
;accept = 443
;connect = 80
;TIMEOUTclose = 0

; vim:ft=dosini

Problem:

When I try to execute the command "telnet localhost 110", I get an entry in the stunnel log file and I am unable to connect to the secure POP3 server. I know that this is not a firewall issue because I can telnet directly to POP3S.MAILSERVER on port 995 and establish a connection. I also know that the server works fine because I set up stunnel on my Windows XP machine and that did not have a problem establishing a connection. Any help on this issue would be great.
Here is the log I am getting:

2006.08.10 18:23:03 LOG5[16138:1]: stunnel 4.15 on hppa2.0w-hp-hpux11.11 with Op
2006.08.10 09:43:55 LOG5[7158:1]: 2000 clients allowed
2006.08.10 09:43:55 LOG7[7158:1]: FD 4 in non-blocking mode
2006.08.10 09:43:55 LOG7[7158:1]: FD 5 in non-blocking mode
2006.08.10 09:43:55 LOG7[7158:1]: FD 6 in non-blocking mode
2006.08.10 09:43:55 LOG7[7158:1]: SO_REUSEADDR option set on accept socket
2006.08.10 09:43:55 LOG7[7158:1]: pop3s bound to 127.0.0.1:110
2006.08.10 09:43:55 LOG7[7263:1]: Created pid file /tmp/stunnel.pid
2006.08.10 16:15:45 LOG7[7263:1]: pop3s accepted FD=0 from 127.0.0.1:57040
2006.08.10 16:15:45 LOG3[7263:1]: Connection rejected: create_client failed
2006.08.10 16:30:34 LOG7[7263:1]: pop3s accepted FD=0 from 127.0.0.1:57156
2006.08.10 16:30:34 LOG3[7263:1]: Connection rejected: create_client failed
2006.08.10 16:45:34 LOG7[7263:1]: pop3s accepted FD=0 from 127.0.0.1:57275
2006.08.10 16:45:34 LOG3[7263:1]: Connection rejected: create_client failed
2006.08.10 17:00:36 LOG7[7263:1]: pop3s accepted FD=0 from 127.0.0.1:57401
2006.08.10 17:00:36 LOG3[7263:1]: Connection rejected: create_client failed
2006.08.10 17:15:36 LOG7[7263:1]: pop3s accepted FD=0 from 127.0.0.1:57506
2006.08.10 17:15:36 LOG3[7263:1]: Connection rejected: create_client failed
2006.08.10 17:30:35 LOG7[7263:1]: pop3s accepted FD=0 from 127.0.0.1:57614
2006.08.10 17:30:35 LOG3[7263:1]: Connection rejected: create_client failed

Matt T. Miller
Accenture
Minneapolis, MN USA
612-277-1826
aim: mttmiller8
email: matt.miller@accenture.com

This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.