On Tue, Jan 24, 2012, Kelvin Brown wrote: > I had stunnel working on this machine but then I moved it to a remote server > and got this error: > > > 2012.01.24 17:03:04 LOG7[3236:2044]: Remote FD=348 initialized > 2012.01.24 17:03:04 LOG3[3236:2044]: error queue: 14098077: > error:14098077:SSL routines:SSL3_SEND_CLIENT_KEY_EXCHANGE:bad rsa encrypt > 2012.01.24 17:03:04 LOG3[3236:2044]: SSL_connect: 4068078: > error:04068078:rsa routines:RSA_EAY_PUBLIC_ENCRYPT:key size too small > > Anyone have any idea what is causing this? >
This could be caused by the remote server using OpenSSL 1.0.1 and thus supporting TLS v1.2. If your RSA key size is also 512 bits you'll hit this issue. If so increase the key size as 512 bits is not secure, preferably to 2048 bits. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
