From charlesreid1

Revision as of 07:07, 30 April 2017 by Admin

The official stunnel howto has some useful (but confusing) information about certificates: https://www.stunnel.org/howto.html

stunnel has 3 methods for checking certificates, which are controlled by the verify option:

    Do not Verify Certificates
        If no verify argument is given, then stunnel will ignore any certificates offered and will allow all connections. 

    verify = 1
        Verify the certificate, if present.
            If no certificate is presented by the remote end, accept the connection.
            If a certificate is presented, then
                If the certificate is valid, it will log which certificate is being used, and continue the connection.
                If the certificate is invalid, it will drop the connection. 

    verify = 2
        Require and verify certificates

        Stunnel will require and verify certificates for every SSL connection. If no certificate or an invalid certificate is presented, then it will drop the connection. 

    verify = 3
        Require and verify certificates against locally installed certificates.
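The levels above as they would appear in a stunnel.conf, weakest first. This is an added example, not taken from the stunnel howto or from the original page; the service names, addresses, ports and file paths are placeholders, and it assumes the CAfile option is used to name the certificates that stunnel verifies against.

```ini
; Constructed example: every service name, host, port and path is a placeholder.

; No verify option: the client accepts whatever certificate the server
; offers (or none), so the tunnel is encrypted but the peer is not authenticated.
[imaps-unverified]
client = yes
accept = 127.0.0.1:1143
connect = mail.example.org:993

; verify = 2: the server must present a certificate and it must validate
; against the CA certificate(s) in CAfile, otherwise the connection is dropped.
[imaps-verified]
client = yes
accept = 127.0.0.1:1144
connect = mail.example.org:993
verify = 2
CAfile = /etc/stunnel/ca-cert.pem

; verify = 3 on a server: each connecting client must present a certificate,
; and it is checked against the certificates installed locally in CAfile.
[backend-pinned]
accept = 0.0.0.0:8443
connect = 127.0.0.1:8080
cert = /etc/stunnel/server-cert.pem
key = /etc/stunnel/server-key.pem
verify = 3
CAfile = /etc/stunnel/allowed-clients.pem
```

With verify = 1 in place of verify = 2, a peer that presents no certificate at all would still be accepted, so that level does not authenticate the remote end on its own.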