[stunnel-users] Target version/timeframe for drawing identity certs from Windows cert store?

Wed Sep 22 18:57:35 CEST 2010

Hi - in an exchange last week, Michal, it sounded like you might be planning on adding the capability/option to the Windows version to select an identity certificate from the Windows certificate store (because it turns out OpenSSL added some supporting infrastructure for doing so, if I understood correctly).

For planning purposes, do you have any sense yet of whether that's really going to happen, and in what timeframe or what target version?

I think that'd be a change of high interest to a lot of people ... one suggestion, it would help integrators if there was a way to configure a msg into whatever selection dialog that comes up, asking the user to select a certificate from their identity store.  Thinking out loud -- probably also, in the case where multiple client tunnels are being set up, a way to make it either a global selection (for all client services), or a service specific selection -- hmm, though global only is probably fine, thinking about, since an integrator could always create a 2nd config, if a 2nd tunnel is needed 

Thinking further, you would probably want to be careful that it would work early on during login, since I imagine like us, integrators would want to start it from a user's Startup folder, or from a login script.  I don't know Windows well enough to know if that constrains you (if the window mgr is up during login script exec, etc.).

Thx!

----
David G. Bucci

If you can't think of anything kind to say,
could you at least have the decency to be vague?