I'm trying to use Stunnel to use a mail client that doesn't support SSL to interface with a mail server that wants to use SSL. I want to be able to use plain POP3/SMTP to some local port that Stunnel sets up and have that forward to the SSL connection on the mail server.
I was given the following files by my ISP:
username.p12
local_ca.crt
I used OpenSSL to convert both files to PEM format (for use with Stunnel) in the following way:
openssl pkcs12 -in username.p12 -out certkey.pem -nodes -clcerts
openssl x509 -in local_ca.crt -out certificate.pem
But I'm not sure how to set up my stunnel.conf file to use these files and act as I described above. My file currently looks like this:
1 cert = /Users/me/.certs/certificate.pem
2 key = /Users/me/.certs/certkey.pem
3 client = yes
4
5 [pop3s]
6 accept = 110
7 connect = remote-server:995
8
9 [ssmtp]
10 accept = 25
11 connect = remote-server:465
However I get the following error when I try to run Stunnel:
$ sudo -H ./stunnel stunnel.conf
Reading configuration from file stunnel.conf
PRNG seeded successfully
Certificate: /Users/me/.certs/certificate.pem
Certificate loaded
Key file: /Users/me/.certs/certkey.pem
SSL_CTX_use_PrivateKey_file: B080074: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Thanks in advance for any help you might be able to provide