I am trying to integrate a payment gateway on a site, and the gateway provider requires that requests must be secured with SSL; they also recommended the use of stunnel. I have installed stunnel and configured the stunnel program to work on Windows. But now I need to migrate the site to the production server, which is running CentOS. I have installed stunnel on the server, and also found out that port 5555, which was specified in the payment gateway documentation, is closed. I have also generated the necessary .csr and .key files, and the gateway provider has sent me the CAcert.pem file and another .pem file.

The stunnel configuration file on Windows looks like this:

#Change below to the correct path
key=C:\certs\PREMIEREACAD.key
CAfile=C:\certs\CAcert.pem
cert=C:\certs\PREMIEREACAD.pem
client = yes
debug=debug

# Change below to the correct Stunnel log path
output=C:\Stunnel\stunnel.log
verify=1
service=stunnel
[psuedo-https]

#IP Address of MPI Test
connect = 196.46.20.36:5443
accept = 5555

My question is: how can I open port 5555, and can I use the same configuration and change the paths? Thank you for your help.

MrFoh

1 Answer

When a port is closed, that means that no process is listening for connections on that port. Check whether or not stunnel is running and whether or not it is listening to the port:

ps aux | fgrep stunnel
netstat -anp | egrep '5555|stunnel'

If it is not running then check how you start stunnel. Do you have an upstart job or a sysvinit init script? Are there any configuration errors causing stunnel to abort? (Maybe incorrect path to key or certificate or incorrect permissions)

If it is running and listening to the port then you have firewall rules that are blocking connections to it. I don't know how CentOS handles initializing and saving firewall rules, but you can check the currently operating rules with various invocations of iptables.

dsh
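
Added example, not part of the question or the answer above: a pre-flight check for a stunnel configuration moved from Windows to Linux, covering the failure causes the answer lists (wrong path to key or certificate, wrong permissions). The function names are hypothetical, option names are matched in the case used in the question's file, and CRLF line endings left over from Windows are tolerated.

```sh
#!/bin/sh
# Added example: sanity-check a stunnel config before starting the daemon.

# Print the value of OPTION from a stunnel config (first match wins).
# Strips carriage returns so a file copied from Windows still parses.
conf_get() {  # usage: conf_get FILE OPTION
    tr -d '\r' < "$1" |
        sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" |
        sed 's/[[:space:]]*$//' | head -n 1
}

# Print the port stunnel will listen on ("5555" or "host:5555" forms).
accept_port() {  # usage: accept_port FILE
    conf_get "$1" accept | sed 's/.*://'
}

# Report missing/unreadable key, cert and CAfile, and a private key that
# group or others can access. Returns the number of problems found.
check_stunnel_conf() {  # usage: check_stunnel_conf FILE
    conf=$1
    problems=0
    for opt in key cert CAfile; do
        path=$(conf_get "$conf" "$opt")
        if [ -z "$path" ]; then
            echo "MISSING OPTION: $opt"
            problems=$((problems + 1))
        elif [ ! -r "$path" ]; then
            echo "UNREADABLE: $opt=$path"
            problems=$((problems + 1))
        fi
    done
    key=$(conf_get "$conf" key)
    if [ -n "$key" ] && [ -r "$key" ]; then
        # Characters 5-10 of the ls mode string are the group/other bits.
        perms=$(ls -ld "$key" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "KEY TOO OPEN: $key (group/other bits: $perms)"
            problems=$((problems + 1))
        fi
    fi
    return "$problems"
}

# Run against a config when a path is given on the command line.
if [ $# -gt 0 ]; then
    check_stunnel_conf "$1" && echo "OK, accept port: $(accept_port "$1")"
fi
```

Once this passes and stunnel starts, the `netstat` command from the answer should show a listener on the port that `accept_port` prints.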