What were you trying to do that didn't work?

stunnel-5.71-2.el8.x86_64 fails to start when trusted CA certificates are supplied in extended BEGIN/END TRUSTED CERTIFICATE file format, while the same configuration used to work on stunnel-5.56-5.el8_3.x86_64

Please provide the package NVR for which bug is seen:

stunnel-5.71-2.el8.x86_64

Steps to reproduce

1) stunnel configuration contains CAfile set to a trusted certificate bundle certificates in the extended BEGIN/END TRUSTED CERTIFICATE file format, i.e. to /etc/pki/tls/certs/ca-bundle.trust.crt

/etc/stunnel.conf:

[pop3]
protocol = pop3
client = yes
accept = 127.0.0.1:20110
connect = 127.0.0.1:110
checkHost = 127.0.0.1
requireCert=yes
verifyChain=yes
CAfile = /etc/pki/tls/certs/ca-bundle.trust.crt

2) stunnel.service fails to start with the following error message:

 stunnel[xxx]: [!] No trusted certificates found
 stunnel[xxx]: [!] Service [XXX]: Failed to initialize TLS context
 stunnel[xxx]: [!] Configuration failed

Expected results

stunnel has this breaking change (stop of support for certificates/bundles BEGIN/END TRUSTED CERTIFICATE format) covered in its documentation / changelog

Actual results

stunnel fails to start and the change is not covered in the documentation / changelog