[stunnel-users] Stunnel and configuration

• Previous message (by thread): [stunnel-users] Stunnel and configuration
• Next message (by thread): [stunnel-users] Stunnel and configuration
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Bohdan Linda wrote:

> In other words, is it safe to use together:
> CAfile=/path/to/my/cacert.pem
> CApath=/path/to/only/clientcerts

Yes.

> Does not one override other?

No.

> Do you have your cacert.pem symlinked in 
> your CApath?

No.

> And lastly as CApath is within chroot, what is the impact 
> if certificates stored in are "stolen" by successfull break-in?

Certificates are public, so there's no additional impact.
What you need to protect is your private key.

Best regards,
    Mike

• Previous message (by thread): [stunnel-users] Stunnel and configuration
• Next message (by thread): [stunnel-users] Stunnel and configuration
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]