Я пытаюсь использовать stunnel с двумя доменами на одном IP.
Мой конфиг:
; stunnel server configuration: global options first, then one [section] per TLS listener.
; NOTE(review): no "key" option is active, so stunnel takes the private key from the
; "cert" file; keep that PEM file's permissions restricted accordingly.
;key = /etc/ssl/private/namecheap/server.key
# See this link http://www.sysadminworld.com/2011/how-do-i-use-an-intermediate-certificate-with-stunnel/
# The intermediatev.pem is comodo-rsa-domain-validation-sha-2-w-root.ca-bundle
# Restart /etc/init.d/stunnel4 restart
; Default certificate for every section that does not set its own "cert".
cert = /etc/ssl/private/namecheap/stunnel.pem
; NOTE(review): CApath expects a directory of CA certificates (CAfile takes a single
; bundle file); this disabled value looks like a file - confirm before re-enabling.
;CApath = /etc/ssl/private/namecheap/www_soinfit_com.ca-bundle
; Set TCP_NODELAY on the local (l) and remote (r) sockets.
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
; 7 is the most verbose (debug) level; useful while troubleshooting, consider
; lowering it afterwards so the log file carries less connection detail.
debug = 7
output = /var/log/stunnel4/stunnel.log
; Protocol version (all, SSLv2, SSLv3, TLSv1)
; NOTE(review): "all" with the NO_SSLv2 line below disabled does not rule out the
; obsolete SSLv2/SSLv3 protocols; what is actually offered depends on the OpenSSL
; build. Enabling "options = NO_SSLv2" and adding "options = NO_SSLv3" is safer.
sslVersion = all
; no, we don't want SSLv2
;options = NO_SSLv2
; Some security enhancements for UNIX systems - comment them out on Win32
; Confines the daemon to this directory and drops root to the stunnel4 user/group.
chroot = /var/lib/stunnel4/
setuid = stunnel4
setgid = stunnel4
; PID is created inside the chroot jail
pid = /stunnel4.pid
; NOTE(review): the sni value has the form MASTER_SERVICE:SERVER_NAME_PATTERN.
; No [https] section is defined in this file, which matches the
; "SNI section name not found" error reported for this section. The part before
; the colon should name an existing section that owns the accept port
; - TODO confirm which section is meant to be the master.
; NOTE(review): an SNI slave section normally receives its connections through the
; master's accept port, so "accept = 5555" here may be unnecessary - confirm.
[paleo-dating]
sni = https:www.paleo-dating.com
cert = /etc/ssl/private/namecheap/stunnel-dating.pem
accept = 5555
connect = localhost:5556
; The sections below set no "cert", so they use the global certificate above.
; "accept" with only a port number listens on all local addresses; "connect"
; forwards the decrypted traffic to a backend on localhost.
[shoptprod]
accept = 6676
connect = localhost:6060
[shoptest]
accept = 7676
connect = localhost:7070
[chatprod]
accept = 8686
connect = localhost:8080
[chattest]
accept = 9676
connect = localhost:9090
[groupchattest]
accept = 5656
connect = localhost:5050
[groupchatprd]
accept = 4646
connect = localhost:4040
Когда я запускаю /etc/init.d/stunnel4 restart
Я получаю такую ошибку:
Restarting SSL tunnels: Clients allowed=500
stunnel 4.53 on x86_64-pc-linux-gnu platform
Compiled with OpenSSL 1.0.1e 11 Feb 2013
Running with OpenSSL 1.0.1t 3 May 2016
Update OpenSSL shared libraries or rebuild stunnel
Threading:PTHREAD SSL:+ENGINE+OCSP Auth:LIBWRAP Sockets:POLL+IPv6
Reading configuration from file /etc/stunnel/stunnel.conf
Compression not enabled
Snagged 64 random bytes from /root/.rnd
Wrote 1024 new random bytes to /root/.rnd
PRNG seeded successfully
Initializing service section [paleo-dating]
Section paleo-dating: SNI section name not found
str_stats: 39 block(s), 7369 data byte(s), 2262 control byte(s)
[Failed: /etc/stunnel/stunnel.conf]
You should check that you have specified the pid= in you configuration file