Всем добрый день.
делаем по инструкции для установления туннеля
https://support.cryptopr...gebase/Article/View/206.используем сертификат квалифицированный.
stunnel.conf:
output= c:\stunnel.log
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
debug = 7
[https]
client = yes
accept = localhost:8080
connect = api.dom.gosuslugi.ru:443
cert = c:\cert.cer
verify = 2
log:
2019.08.29 11:30:20 LOG7[8368:7244]: https accepted FD=384 from ::1:24266
2019.08.29 11:30:20 LOG7[8368:7244]: Creating a new thread
2019.08.29 11:30:20 LOG7[8368:7244]: New thread created
2019.08.29 11:30:20 LOG7[8368:1328]: client start
2019.08.29 11:30:20 LOG7[8368:1328]: https started
2019.08.29 11:30:20 LOG7[8368:1328]: FD 384 in non-blocking mode
2019.08.29 11:30:20 LOG7[8368:1328]: TCP_NODELAY option set on local socket
2019.08.29 11:30:20 LOG5[8368:1328]: https connected from ::1:24266
2019.08.29 11:30:20 LOG7[8368:1328]: FD 292 in non-blocking mode
2019.08.29 11:30:20 LOG7[8368:1328]: https connecting
2019.08.29 11:30:20 LOG7[8368:1328]: connect_wait: waiting 10 seconds
2019.08.29 11:30:20 LOG7[8368:1328]: connect_wait: connected
2019.08.29 11:30:20 LOG7[8368:1328]: Remote FD=292 initialized
2019.08.29 11:30:20 LOG7[8368:1328]: TCP_NODELAY option set on remote socket
2019.08.29 11:30:20 LOG7[8368:1328]: start SSPI connect
2019.08.29 11:30:20 LOG5[8368:1328]: try to read the client certificate
2019.08.29 11:30:20 LOG7[8368:1328]: open file C:\Work\Work\CA-PPAK.cer with certificate
2019.08.29 11:30:20 LOG5[8368:1328]: CertFindCertificateInStore not find client certificate in store CURRENT_USER. Looking at LOCAL_MACHINE
2019.08.29 11:30:20 LOG3[8368:1328]: Error 0x80092004 returned by CertFindCertificateInStore
2019.08.29 11:30:20 LOG3[8368:1328]: Error creating credentials
2019.08.29 11:30:20 LOG5[8368:1328]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2019.08.29 11:30:20 LOG7[8368:1328]: free Buffers
2019.08.29 11:30:20 LOG7[8368:1328]: delete c->hContext
2019.08.29 11:30:20 LOG7[8368:1328]: delete c->hClientCreds
2019.08.29 11:30:20 LOG5[8368:1328]: incomp_mess = 0, extra_data = 0
2019.08.29 11:30:21 LOG7[8368:1328]: https finished (0 left)
---
нигде не можем найти информацию об ошибке Error 0x80092004 returned by CertFindCertificateInStore.
сертификат установлен в хранилище пользователя. Цепочка доверия вся установлена.
даже пробовали подсовывать сертификат, не имеющий контейнера, ошибка та же самая.
Смысл понятен, что сертификат не найден - но почему?