Good Morning Mike:
I had a question and sent to the list (it might have not gone thru) The question was that: is it possible for stunnel to go to the router, for example, 10.10.1.1, to scan for a port of interest and see whether there is a request thru that port? so the nat router would not have to forward the port to the stunnel of my local machine, e.g. 10.10.1.188, on which stunnel is listening for port 8888 and will relay it to 5631 of the local program.
Thanks
J ----- Original Message ---------------
Return-Path: [email protected] Received: from linode.mirt.net ([64.22.71.125]) by ellingtongeologic.com for [email protected]; Tue, 29 Apr 2008 03:13:13 -0700 Received: from linode.mirt.net (localhost [127.0.0.1]) by linode.mirt.net (Postfix) with ESMTP id 46BBD1D28A; Tue, 29 Apr 2008 12:12:15 +0200 (CEST) Received: from linode.mirt.net (localhost [127.0.0.1]) by linode.mirt.net (Postfix) with ESMTP id 168F81D28E; Tue, 29 Apr 2008 12:12:09 +0200 (CEST) X-Original-To: [email protected] Delivered-To: [email protected] Received: from linode.mirt.net (localhost [127.0.0.1]) by linode.mirt.net (Postfix) with ESMTP id 01A0D1D26F for [email protected]; Tue, 29 Apr 2008 12:12:01 +0200 (CEST) Received: from mike.mirt.net (localhost [127.0.0.1]) by linode.mirt.net (Postfix) with ESMTP id BE3F81C0F1 for [email protected]; Tue, 29 Apr 2008 12:12:00 +0200 (CEST) Received: from 194.203.201.98 (SquirrelMail authenticated user mtrojnar) by mike.mirt.net with HTTP; Tue, 29 Apr 2008 12:12:00 +0200 (CEST) Message-ID: [email protected] In-Reply-To: [email protected] References: [email protected] Date: Tue, 29 Apr 2008 12:12:00 +0200 (CEST) From: "Michal Trojnara" [email protected] To: [email protected] User-Agent: SquirrelMail/1.4.9a MIME-Version: 1.0 X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: ClamAV using ClamSMTP Subject: Re: [stunnel-users] Verify=3 restart needed ? X-BeenThere: [email protected] X-Mailman-Version: 2.1.9 Precedence: list List-Id: "public, moderate-volume list - general discussion, problem reports, patches" <stunnel-users.mirt.net> List-Unsubscribe: http://stunnel.mirt.net/mailman/listinfo/stunnel-users, mailto:[email protected]?subject=unsubscribe List-Archive: http://stunnel.mirt.net/pipermail/stunnel-users List-Post: mailto:[email protected] List-Help: mailto:[email protected]?subject=help List-Subscribe: http://stunnel.mirt.net/mailman/listinfo/stunnel-users, mailto:[email protected]?subject=subscribe Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: [email protected] Errors-To: [email protected] X-Virus-Scanned: ClamAV using ClamSMTP
Edouard Dessioux wrote:
I wanted to know if the stunnel needs to be restarted after a certificates has been removed ?
This is *not* the way X.509 was designed to perform certificate revocation. Use CRLs or OCSP instead.
Also see: http://stunnel.mirt.net/pipermail/stunnel-users/2004-December/000192.html http://en.wikipedia.org/wiki/Certificate_revocation_list http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
Best regards, Mike
stunnel-users mailing list [email protected] http://stunnel.mirt.net/mailman/listinfo/stunnel-users