This document covers how to configure Stunnel version 4.5.6 (Unitrac 2.26.16 or higher required) to accept high cipher encryption when used for a UniTrac to UniTrac (U2U) connection. Both servers must have compatible cipher configurations or the connection will not be successful.
Remote Server (Source) Configuration
To provide the highest cipher encryption from the source UniTrac server, the following configuration is recommended:
1. Open ‘stunnel.conf’ (found in the root UniTrac directory) in a text editor as an administrative user.
2. Under the section labeled [unitrac-u2] append a new line as follows:
ciphers = HIGH
When complete, the noted section should appear as follows:
[unitrac-u2u] accept = 5443 connect = 1000 cert = stunnel.pem ciphers = HIGH
3. Restart the stunnel and CtiU2USvc services.
Client Server (Sink) Configuration
For the sink UniTrac server to receive U2U data from a source UniTrac server with the cipher configuration set to ‘HIGH’, the U2U template needs to be modified to include the correct cipher parameters.
1. Open ‘U2U-Template.xml’ (found in the root UniTrac directory) in a text editor as an administrative user.
2. Add the following cipher parameter if it does not exist.
When completed, the U2U-Template.xml file should appear as follows:
<parameter name=”connect”></parameter> <parameter name=”delay”>yes</parameter> <parameter name=”ciphers”>HIGH:!aNull:!SSLv2</parameter>
3. Restart the CtiU2USvc service.