STunnel - Ubuntu 16.04 - GMail - Not working questions

pete_c

Guru
I have configured the current version of STunnel on Ubuntu.  I am getting an error and am not sure how to fix it.
 
Current start up log doesn't show an error.
 
2017.04.21 07:35:46 LOG5[ui]: stunnel 5.30 on x86_64-pc-linux-gnu platform
2017.04.21 07:35:46 LOG5[ui]: Compiled with OpenSSL 1.0.2e 3 Dec 2015
2017.04.21 07:35:46 LOG5[ui]: Running  with OpenSSL 1.0.2g  1 Mar 2016
2017.04.21 07:35:46 LOG5[ui]: Update OpenSSL shared libraries or rebuild stunnel
2017.04.21 07:35:46 LOG5[ui]: Threading:pTHREAD Sockets:pOLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth$
2017.04.21 07:35:46 LOG5[ui]: Reading configuration from file /etc/stunnel/stunnel.conf
2017.04.21 07:35:46 LOG5[ui]: UTF-8 byte order mark detected
2017.04.21 07:35:46 LOG5[ui]: FIPS mode disabled
2017.04.21 07:35:46 LOG5[ui]: Configuration successful

Sending an email, though, does show this error, and the email is not sent.
 
2017.04.21 07:39:13 LOG5[1]: s_connect: connected 74.125.129.108:587
2017.04.21 07:39:13 LOG5[1]: Service [gmail-smtp] connected remote server from IPOFSERVER:33792
2017.04.21 07:39:13 LOG3[1]: SSL_connect: 140770FC: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unkn$
2017.04.21 07:39:13 LOG5[1]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
 
stunnel.conf is configured as follows:
 
; Enable support for the insecure SSLv3 protocol
; options = -NO_SSLv3

; protocol version (all, SSLv2, SSLv3, TLSv1)
; sslVersion = TLSv1
sslVersion = all
options = NO_SSLv2
 
Is anyone using STunnel with GMail these days?
 
 
Added one option to gmail smtp configuration:
 
protocol = smtp
 
Logs are now a bit different but still erroring out.
 
2017.04.21 07:57:18 LOG5[1]: Service [gmail-smtp] accepted connection from 127.0.0.1:54616
2017.04.21 07:57:18 LOG5[1]: s_connect: connected 74.125.129.109:587
2017.04.21 07:57:18 LOG5[1]: Service [gmail-smtp] connected remote server from IPOFSERVER:52288
2017.04.21 07:57:18 LOG4[1]: CERT: Pre-verification error: unable to get local issuer certificate
2017.04.21 07:57:18 LOG4[1]: Rejected by CERT at depth=2: C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
2017.04.21 07:57:18 LOG3[1]: SSL_connect: 14090086: error:14090086:SSL routines:ssl3_get_server_certificate$
2017.04.21 07:57:18 LOG5[1]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
 
Testing with the Wintel STunnel.
 
GMail SMTP works fine with Windows.  Tried again with Ubuntu and was unable to get it to work.
 
Anyone running STunnel in Linux?
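Added example (shell, not from the thread): a small triage script for the two SSL_connect failures logged above. It matches on the OpenSSL error codes that survive in the log (140770FC, 14090086) and on stunnel's CERT messages, so the truncated message tails do not matter. The diagnosis wording is the script's own, not stunnel output, and the sample log is constructed from the thread's failing lines.

```sh
#!/bin/sh
# Added example, not from the thread: triage stunnel client log lines.
# Matches on the OpenSSL error codes visible in the log (140770FC, 14090086)
# and on stunnel's CERT messages, so the truncated message text in the
# thread does not matter. Diagnosis wording is this script's own.

# Print "<code>: <explanation>" for one log line.
# Returns 1 when the line is not a known failure signature.
diagnose_stunnel_line() {
    case "$1" in
        *"error:140770FC:"*)
            # stunnel expected a TLS ServerHello but the server sent
            # something else. Port 587 starts as plaintext SMTP ("220 ..."
            # banner), so an implicit-TLS client sees no TLS record at all.
            echo "no-tls-hello: server did not start with TLS; for :587 add 'protocol = smtp' (STARTTLS), or connect to :465 (implicit TLS)"
            ;;
        *"unable to get local issuer certificate"*|*"Rejected by CERT at depth="*|*"error:14090086:"*)
            # verify = 2 rejected the chain because no trust store was
            # configured, so the root (GeoTrust here) could not be found.
            echo "untrusted-chain: no trust anchor for the server chain; add CApath = /etc/ssl/certs (or CAfile) and keep verify = 2"
            ;;
        *"Connection reset: 0 byte(s) sent to SSL"*)
            # Zero bytes in both directions: the handshake failed before any
            # SMTP traffic, so the mailer is not the problem.
            echo "handshake-only: no SMTP data flowed; fix the TLS error logged just before this line"
            ;;
        *)
            return 1
            ;;
    esac
}

# Print each distinct diagnosis found in a log file once.
diagnose_stunnel_log() {
    while IFS= read -r line || [ -n "$line" ]; do
        diagnose_stunnel_line "$line" || true
    done < "$1" | sort -u
}

# Constructed sample: the failing lines from the thread, with the truncated
# tails left as they appear there.
write_sample_log() {
    cat > "$1" <<'EOF'
2017.04.21 07:39:13 LOG3[1]: SSL_connect: 140770FC: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unkn
2017.04.21 07:39:13 LOG5[1]: Connection reset: 0 byte(s) sent to SSL, 0 byte(s) sent to socket
2017.04.21 07:57:18 LOG4[1]: CERT: Pre-verification error: unable to get local issuer certificate
2017.04.21 07:57:18 LOG4[1]: Rejected by CERT at depth=2: C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
2017.04.21 07:57:18 LOG3[1]: SSL_connect: 14090086: error:14090086:SSL routines:ssl3_get_server_certificate
EOF
}

# Usage: sh stunnel-triage.sh /var/log/stunnel4/stunnel.log
#        sh stunnel-triage.sh --demo   (runs against the constructed sample)
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp)
    write_sample_log "$tmp"
    diagnose_stunnel_log "$tmp"
    rm -f "$tmp"
elif [ -n "${1:-}" ]; then
    diagnose_stunnel_log "$1"
fi
```

Run it against the live log while reproducing the failure (`tail -n 50 /var/log/stunnel4/stunnel.log > /tmp/s.log; sh stunnel-triage.sh /tmp/s.log`). The first failure is a port/protocol mismatch, the second is certificate verification working as intended with no CA store to verify against; the working config later in this thread fixes both (port 465 plus CApath).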
 
Figured out STunnel for Linux.  Simplified configuration for SMTP for GMail only.
 
Thinking of moving this over to a blog as it was a PITA mostly relating to the options available and configuration file.
 
You can install it on an RPi running Wheezy or Jessie.  This will work for HAI / Elk Email using GMail.
 
1 - sudo apt-get install stunnel4
 
2 - nano /etc/default/stunnel4
 
Change: ENABLED=0 to ENABLED=1
 
3 - Configuration
 
Create a new stunnel configuration file.
 
nano /etc/stunnel/stunnel.conf
 
Copy and paste the following into the new file.

; **************************************************************************
; * Global options                                                         *
; **************************************************************************

; Debugging stuff (may be useful for troubleshooting)
; log = overwrite
; foreground = yes
debug = 7
output = /var/log/stunnel4/stunnel.log

; Certificate/key is needed in server mode and optional in client mode
cert = /etc/stunnel/mail.pem
; key  = /etc/stunnel/stunnel.pem

; Enable FIPS 140-2 mode if needed for compliance
fips = no
libwrap=no

; **************************************************************************
; * Service defaults may also be specified in individual service sections  *
; **************************************************************************

; Enable support for the insecure SSLv3 protocol
; (the leading "-" clears NO_SSLv3, so this line re-enables SSLv3 rather
;  than disabling it)
options = -NO_SSLv3

; These options provide additional security at some performance degradation
options = SINGLE_ECDH_USE
options = SINGLE_DH_USE

; **************************************************************************
; * Service definitions (remove all services for inetd mode)               *
; **************************************************************************

[gmail-smtp]
client = yes
accept = 5000
connect = smtp.gmail.com:465
verify = 2
CApath = /etc/ssl/certs
checkHost = smtp.gmail.com
OCSPaia = yes

4 - Generate a certificate
 
a - cd /etc/stunnel
b - sudo openssl req -new -out mail.pem -keyout mail.pem -nodes -x509 -days 365 *
* = press enter for all of the questions.  The certificate is good for 365 days.
 
5 - Start stop or restart STunnel
 
sudo /etc/init.d/stunnel4 stop
sudo /etc/init.d/stunnel4 start
sudo /etc/init.d/stunnel4 restart
 
6 - Test it by looking at the stunnel log live
 
tail -f /var/log/stunnel4/stunnel.log
 
7 - Once tested and working, change the stunnel.conf file logging options as follows:
 
; Debugging stuff (may be useful for troubleshooting)
; log = overwrite
; foreground = yes
debug = 5
output = /var/log/stunnel4/stunnel.log

 
debug = LEVEL
debugging level
Level is one of the syslog level names or numbers emerg (0), alert (1), crit (2), err (3), warning (4), notice (5), info (6), or debug (7). All logs for the specified level and all levels numerically less than it will be shown. Use debug = debug or debug = 7 for greatest debugging output. The default is notice (5).
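Added example (shell, not from the post above): a lint for a single-service stunnel client config covering the settings that decide whether the Gmail connection is actually authenticated, shown against a weak config and a hardened one. The weak config is constructed from the settings in the earlier posts (sslVersion = all, NO_SSLv2, -NO_SSLv3, port 587, verify without a CA store) plus a reconstructed service section. The hardened section is derived from the working config in step 3 with three changes: SSLv3 stays disabled and the minimum version is pinned to TLS 1.2, and accept is bound to 127.0.0.1 so the plaintext side of the tunnel is not reachable from the network; cert/key are omitted because, as the config's own comment says, they are optional in client mode. The rules and their wording are the script's own; the config keys are stock stunnel 5.x keys already used in the thread.

```sh
#!/bin/sh
# Added example, not from the post above: lint a single-service stunnel
# client config for the settings that decide whether the Gmail connection
# is actually authenticated, then show a hardened section next to a weak
# one. Rules and wording are this script's own; the config keys are stock
# stunnel 5.x keys used in the thread (sslVersion, options, verify, CApath,
# CAfile, checkHost, protocol, accept, connect).

# conf_has PATTERN FILE: true if an uncommented line matches PATTERN.
# Lines starting with ';' or '#' never match because the anchor requires
# the key to be the first non-blank text on the line.
conf_has() {
    grep -Eiq "^[[:space:]]*$1" "$2"
}

# Print one finding per line; return 1 if there were any.
lint_stunnel_conf() {
    f=$1
    n=0
    if conf_has 'options[[:space:]]*=[[:space:]]*-NO_SSLv3' "$f"; then
        echo "weak: 'options = -NO_SSLv3' clears NO_SSLv3, i.e. it re-enables SSLv3"; n=$((n+1))
    fi
    if ! conf_has 'options[[:space:]]*=[[:space:]]*NO_SSLv3' "$f" \
       && ! conf_has 'sslVersion[[:space:]]*=[[:space:]]*TLSv1\.[12]' "$f"; then
        echo "weak: no minimum protocol version (add 'sslVersion = TLSv1.2' or 'options = NO_SSLv3')"; n=$((n+1))
    fi
    if ! conf_has 'verify[[:space:]]*=[[:space:]]*[234]' "$f"; then
        echo "weak: 'verify' missing or below 2, the server certificate is not verified"; n=$((n+1))
    elif ! conf_has '(CApath|CAfile)[[:space:]]*=' "$f"; then
        echo "broken: verify is set but no CApath/CAfile, so every chain is rejected ('unable to get local issuer certificate')"; n=$((n+1))
    fi
    if ! conf_has 'checkHost[[:space:]]*=' "$f"; then
        echo "weak: no checkHost, any certificate from a trusted CA is accepted regardless of name"; n=$((n+1))
    fi
    if conf_has 'connect[[:space:]]*=.*:587[[:space:]]*$' "$f" \
       && ! conf_has 'protocol[[:space:]]*=[[:space:]]*smtp' "$f"; then
        echo "broken: port 587 starts in plaintext SMTP; add 'protocol = smtp' or connect to :465"; n=$((n+1))
    fi
    if conf_has 'accept[[:space:]]*=[[:space:]]*[0-9]+[[:space:]]*$' "$f"; then
        echo "info: accept binds every interface; 'accept = 127.0.0.1:PORT' keeps the plaintext side local"; n=$((n+1))
    fi
    [ "$n" -eq 0 ]
}

# Constructed: the settings from the earlier posts (sslVersion = all,
# NO_SSLv2, -NO_SSLv3, port 587, verify without a CA store) in one file.
write_weak_conf() {
    cat > "$1" <<'EOF'
sslVersion = all
options = NO_SSLv2
options = -NO_SSLv3

[gmail-smtp]
client = yes
accept = 5000
connect = smtp.gmail.com:587
verify = 2
EOF
}

# Derived from the working config in step 3: SSLv3 stays off, the minimum
# version is pinned, and the plaintext listener is bound to loopback.
# cert/key are omitted because they are optional in client mode.
write_hardened_conf() {
    cat > "$1" <<'EOF'
sslVersion = TLSv1.2
options = NO_SSLv2
options = NO_SSLv3

[gmail-smtp]
client = yes
accept = 127.0.0.1:5000
connect = smtp.gmail.com:465
verify = 2
CApath = /etc/ssl/certs
checkHost = smtp.gmail.com
OCSPaia = yes
EOF
}

# Usage: sh stunnel-lint.sh /etc/stunnel/stunnel.conf
#        sh stunnel-lint.sh --demo   (lints the weak and hardened samples)
if [ "${1:-}" = "--demo" ]; then
    for kind in weak hardened; do
        tmp=$(mktemp)
        "write_${kind}_conf" "$tmp"
        echo "== $kind config =="
        lint_stunnel_conf "$tmp" || true
        rm -f "$tmp"
    done
elif [ -n "${1:-}" ]; then
    lint_stunnel_conf "$1"
fi
```

The lint is file-wide, so it assumes one service section as in the config above; with several services, run it per section. After editing stunnel.conf, `sh stunnel-lint.sh /etc/stunnel/stunnel.conf && sudo /etc/init.d/stunnel4 restart` only restarts when no finding remains.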
 