Upgrading Stunnel to the Latest Version

From Vital Soft Wiki
Revision as of 19:44, 24 June 2025 by Johno (talk | contribs)
Jump to: navigation, search

DO NOT UPGRADE STUNNEL until you have been contacted by Vital Soft or Fiserv and told that it is ok to proceed.

NOTE: you must upgrade stunnel on all workstations using Visimage3 prior to the deadline provided by Fiserv in their client communication bulletin. Don't forget to also update any virtual machines that run Visimage3 scheduled jobs.

Prepare for Stunnel Upgrade

  • Please note that installation does require a reboot of your PC / workstation.
  • You may need Admin level access to your PC to complete the install.
  • Save copies of the following 3 files (in another location) - you will need them later in the upgrade process.
C:\Program Files\stunnel\certs.pem
C:\Program Files\stunnel\stunnel.pem
C:\Program Files\stunnel\stunnel.conf
  • Download the latest version of stunnel here.

Uninstall the Previous Version of Stunnel

  • Stop the Stunnel service
Run the Windows Services program, locate the stunnel service and click Stop.
  • Uninstall the currently installed version (5.01) of stunnel by running the following program.
C:\Program Files\stunnel\uninstall.exe
  • Verify that the C:\Program Files\stunnel directory was removed. If it remains, use File Manager to delete it.

Install Stunnel

  • Install the most recent version of stunnel (5.75 in June 2025.)
    • Choose the options that are appropriate for your organization.
    • By default, stunnel will be installed in C:\Program Files (x86)\
    • During installation you will be asked questions to create a default certificate. This certificate will not be used, so you can enter whatever values you choose or just press Enter on all of the prompts.
    • Do NOT run stunnel at the end of installation.

Install the Certificates

  • Copy the the saved certificate files from step 1 (certs.pem, stunnel.pem) into the following directory:
C:\Program Files (x86)\stunnel\conf

Customize the Stunnel Configuration

  • Edit the stunnel configuration file. The file is located here:
C:\Program Files (x86)\stunnel\conf\stunnel.conf
  • Remove the semi-colon comments from the debug and output lines (lines 11 & 12):
debug=info
output=stunnel.log
  • Add the following lines after "output=stunnel.log":
CAfile = certs.pem
cert = stunnel.pem

[Visimage Linux Prod]
; Prod connection to Linux
client = yes
accept = 30503
connect = visimage.fiservapps.com:8004

[Visimage Linux Cert]
; Cert connection to Linux
client = yes
accept = 30504
connect = visimage-cert.fiservapps.com:8004

Install the Stunnel Service

  • Install the stunnel service using Powershell. If you installed stunnel for all users on the computer, you may need to run Powershell as the Administrator.
  • When Windows Powershell is running, enter the following commands:
cd C:\Program Files (x86)\stunnel\bin
./stunnel -uninstall
./stunnel -install
  • Reboot your PC.

Verifying the Installation

  • Run Windows Services and verify that the stunnel service is running. The service is now called "Stunnel TLS Wrapper".
  • If the service is running, launch Visimage3 and test that you are able to successfully start server.

Back...

Retrieved from "https://wiki.vital-soft.com/index.php?title=Upgrading_Stunnel_to_the_Latest_Version&oldid=3702"