Hello everyone,

My stunnel setup is working fine, got mysql being hit from a couple of boxes but my question is this...
I have stunnel set up so I copy the cert created from the remote client over to the local server so remote connections are authenticated.
Now that works fine and dandy; the issue is, if I am adding a new remote client, I add the cert from the client to my certs.pem locally but I need to restart the stunnel process before stunnel will "read in" the new cert.
I know this does not sound like a big deal, but if I have 20 machines connected through stunnel to this local box and I need to restart stunnel whenever I need to add a new box or take off an old one, I don't think it's good.

I use stunnel for mysql so I got these guys doing inserts and a broken connection would really mess things up for me... I think maybe there is a flag I can set? Or maybe send the process some type of command to reload the certs?

Any help would be appreciated... all relevant info included below.

All requested info for posts to the group are found below

Here is my stunnel.conf

verify = 3
CAfile = /etc/stunnel/certs.pem
cert = /etc/stunnel/stunnel.pem
setuid = nobody
setgid = nobody
pid = /tmp/stunnel.pid
debug = 7
output = /var/log/stunnel.log
client = no
[mysqls]
accept  = 3309
connect = 3306

Some output from the stunnel.log at high debug level

2006.11.13 23:03:10 LOG5[32244:3086689984]: stunnel 4.05 on i686-redhat-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7a Feb 19 2003
2006.11.13 23:03:10 LOG7[32244:3086689984]: Snagged 64 random bytes from /dev/urandom
2006.11.13 23:03:10 LOG7[32244:3086689984]: RAND_status claims sufficient entropy for the PRNG
2006.11.13 23:03:10 LOG6[32244:3086689984]: PRNG seeded successfully
2006.11.13 23:03:10 LOG7[32244:3086689984]: Certificate: /etc/stunnel/stunnel.pem
2006.11.13 23:03:10 LOG7[32244:3086689984]: Key file: /etc/stunnel/stunnel.pem
2006.11.13 23:03:10 LOG7[32244:3086689984]: Loaded verify certificates from /etc/stunnel/certs.pem
2006.11.13 23:03:10 LOG5[32244:3086689984]: FD_SETSIZE=1024, file ulimit=1024 -> 500 clients allowed
2006.11.13 23:03:10 LOG7[32244:3086689984]: FD 4 in non-blocking mode
2006.11.13 23:03:10 LOG7[32244:3086689984]: SO_REUSEADDR option set on accept socket
2006.11.13 23:03:10 LOG7[32244:3086689984]: mysqls bound to 0.0.0.0:3309
2006.11.13 23:03:10 LOG7[32244:3086689984]: FD 5 in non-blocking mode
2006.11.13 23:03:10 LOG7[32244:3086689984]: FD 6 in non-blocking mode
2006.11.13 23:03:10 LOG7[32245:3086689984]: Created pid file /tmp/stunnel.pid

stunnel -V
2006.11.13 23:03:14 LOG3[32248:3086505664]: -V: No such file or directory (2)

Syntax:
stunnel [filename] | -fd [n] | -help | -version | -sockets
    filename    - use specified config file instead of /etc/stunnel/stunnel.conf
    -fd n       - read the config file from specified file descriptor
    -help       - get config file help
    -version    - display version and defaults
    -sockets    - display default socket options

uname -a
Linux ramison 2.6.9-42.0.3.EL #1 Fri Oct 6 05:59:54 CDT 2006 i686 i686 i386 GNU/Linux

gcc -v
Reading specs from /usr/lib/gcc/i386-redhat-linux/3.4.6/specs
Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --disable-checking --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-java-awt=gtk --host=i386-redhat-linux
Thread model: posix
gcc version 3.4.6 20060404 (Red Hat 3.4.6-3)

openssl version
OpenSSL 0.9.7a Feb 19 2003