Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Generating/using an stunnel certificate file (stunnel.pem)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
RagManX
Apprentice
Apprentice


Joined: 13 Jul 2002
Posts: 220
Location: Tennessee

PostPosted: Mon Nov 18, 2002 8:42 pm    Post subject: Generating/using an stunnel certificate file (stunnel.pem) Reply with quote

I am nearing completion on installing a set of gentoo servers for an IDS project at work. During the install, I've gotten to the point where I need to set up stunnel to deliver encrypted traffic from my sensors to my console. After running an emerge on stunnel, I find that it does not come with a sample stunnel.pem nor information on how to generate one. So, googling a bit, I find information on creating the .pem file at stunnel.org. On gentoo, however, things have to be changed just a little. Here is the command I used to generate my .pem file (all one command - ignore line wraps).

Code:
openssl req -new -x509 -days 365 -nodes -config /usr/lib/ssl/openssl.cnf -out stunnel.pem -keyout stunnel.pem

Note that you will need to find your openssl.cnf file. I used:
Code:
updatedb
locate cnf

to find mine. There are a few cnf files that show up, but this one has everything necessary to start the x509 settings "interview" which is necessary to get a proper stunnel.pem file (location, organization, etc.).

Once this file is created, copy it to wherever you want to keep it, and do a:
Code:
chmod 600 /path/to/stunnel.pem

to protect it from malicious mangling. Finally, in your /etc/stunnel.conf file, make sure to add:
Code:
cert=/path/to/stunnel.pem

so your instance of stunnel knows where its keyfile is.

Hopefully, that's of use to someone and will save you the time I spent trying to figure this all out.

EDIT:Noted that first command is one line, regardless of word-wrap.

RagManX
_________________
http://www.gamingideas.com/ - an open discussion site for game improvement and new game ideas
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum