Tried your approach but when I went to start stunnel, I got this output (How to Secure NGINX/RTMP stream to Facebook using Stunnel) (SOLVED)

[Gaalen69]

Tried your approach (How to Secure NGINX/RTMP stream to Facebook using Stunnel) but when I went to start stunnel, I got this output:

[ ] Clients allowed=500
[.] stunnel 5.56 on x86_64-pc-linux-gnu platform
[.] Compiled with OpenSSL 1.1.1c  28 May 2019
[.] Running  with OpenSSL 1.1.1f  31 Mar 2020
[.] Threading:PTHREAD Sockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAP
[ ] errno: (*__errno_location ())
[.] Reading configuration from file /etc/stunnel/stunnel.conf
[.] UTF-8 byte order mark not detected
[ ] "/etc/stunnel/conf.d/." is not a file
[ ] "/etc/stunnel/conf.d/.." is not a file
[.] Reading configuration from file /etc/stunnel/conf.d/fb.conf
[.] UTF-8 byte order mark not detected
[.] FIPS mode disabled
[ ] Compression disabled
[ ] No PRNG seeding was required
[ ] Initializing service [fb-live]
[ ] Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK
[ ] TLSv1.3 ciphersuites: TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
[ ] TLS options: 0x02100004 (+0x00000000, -0x00000000)
[ ] No certificate or private key specified
[!] error queue: ../crypto/x509/by_file.c:199: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
[!] error queue: ../crypto/bio/bss_file.c:76: error:2006D080:BIO routines:BIO_new_file:no such file
[!] SSL_CTX_load_verify_locations: ../crypto/bio/bss_file.c:69: error:02001002:system library:fopen:No such file or directory
[!] Service [fb-live]: Failed to initialize TLS context
[ ] Deallocating section defaults

Just wondering what I may have done wrong, thought I had followed your instructions exactly, but may have forgotten something. Any suggestions?

[M1GC]

STUNNEL ERRORS

[ ] No certificate or private key specified
[!] error queue: ../crypto/x509/by_file.c:199: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib
[!] error queue: ../crypto/bio/bss_file.c:76: error:2006D080:BIO routines:BIO_new_file:no such file

Stunnel will require a ssl certificate to connect encrypted.

I noticed, the actual error is indicating you do not have a SSL CERTIFICATE.
I marked your reply, with all Green for working config in your logs, and Red to indicate what is causing stunnel not to start.

The fb.conf config is pointing to a ssl cert, but it doesn't seem to exist in the directory according to the error.
This ssl certificate may have been left out of the tutorial process, assuming the config was already in this directory during install.

I have updated the tutorial and added the instructions on how to add the ssl cert to rid these errors.
Instructions will contain information on how to create your own using letsencrypt, openssl, and Mozilla CA Authority Certificate Store,
Choose one you wish to use, and add it to the config. I Tested all 3, all are working without any errors...

Adding a certificate file, authority, and it's cert locations to the fb.conf should remedy the certificate error.

Click this link to return to the tutorial which will have updates on how to create a ssl certificate for stunnel.

Then retry to Start the Stunnel Server.
Keep me posted / Reply to this thread if you remedy the errors, or if you experience any additional errors.