12 Sep
2013
12 Sep
'13
4:20 p.m.
After scouring the net I've found several isolated discussions regarding stunnel hostname validation. And also some patches that seem to implement hostname validation: https://www.stunnel.org/pipermail/stunnel-users/2010-March/002613.html I have a requirement to have stunnel (4.56) validate client certificates and their identity by comparing the its CNAME against the source address. I recall reading one response (which I can't find at the moment) from Marzena Trojnara indicating that this feature won't be supported. If so, can you explain the rational? Are there sanctioned patches out there today? Regards, -Fred