diff -urNp stunnel-4.29-orig/tools/stunnel.conf-sample.in stunnel-4.29/tools/stunnel.conf-sample.in
--- stunnel-4.29-orig/tools/stunnel.conf-sample.in	2009-11-08 14:40:24.000000000 -0500
+++ stunnel-4.29/tools/stunnel.conf-sample.in	2010-01-15 16:21:47.000000000 -0500
@@ -3,14 +3,14 @@
 ; Please make sure you understand them (especially the effect of the chroot jail)
 
 ; Certificate/key is needed in server mode and optional in client mode
-cert = @prefix@/etc/stunnel/mail.pem
-;key = @prefix@/etc/stunnel/mail.pem
+cert = @sysconfdir@/stunnel/mail.crt
+;key = @sysconfdir@/stunnel/mail.key
 
 ; Protocol version (all, SSLv2, SSLv3, TLSv1)
 sslVersion = SSLv3
 
 ; Some security enhancements for UNIX systems - comment them out on Win32
-chroot = @prefix@/var/lib/stunnel/
+chroot = @localstatedir@/run/stunnel/
 setuid = nobody
 setgid = @DEFAULT_GROUP@
 ; PID is created inside the chroot jail
@@ -30,12 +30,13 @@ socket = r:TCP_NODELAY=1
 ; CApath is located inside chroot jail
 ;CApath = /certs
 ; It's often easier to use CAfile
-;CAfile = @prefix@/etc/stunnel/certs.pem
+;CAfile = @sysconfdir@/stunnel/certs.pem
+;CAfile = @sysconfdir@/pki/tls/certs/ca-bundle.crt
 ; Don't forget to c_rehash CRLpath
 ; CRLpath is located inside chroot jail
 ;CRLpath = /crls
 ; Alternatively you can use CRLfile
-;CRLfile = @prefix@/etc/stunnel/crls.pem
+;CRLfile = @sysconfdir@/stunnel/crls.pem
 
 ; Some debugging stuff useful for troubleshooting
 ;debug = 7