+=item B<requireCert> = yes | no ignored when client = yes
In my opinion, the following emphasis worth including: --- stunnel.pod.in.orig 2025-10-07 19:50:30.097392645 +0000 +++ stunnel.pod.in.new 2025-10-07 20:25:54.448391940 +0000 @@ -1065,6 +1065,8 @@ =item B<requireCert> = yes | no +Ignored when client = yes. + require a client certificate for I<verifyChain> or I<verifyPeer> With I<requireCert> set to I<no>, the B<stunnel> server accepts client
W dniu 07.10.2025 o 22:35, u34--- via stunnel-users pisze:
In my opinion, the following emphasis worth including:
--- stunnel.pod.in.orig 2025-10-07 19:50:30.097392645 +0000 +++ stunnel.pod.in.new 2025-10-07 20:25:54.448391940 +0000 @@ -1065,6 +1065,8 @@
=item B<requireCert> = yes | no
+Ignored when client = yes. + require a client certificate for I<verifyChain> or I<verifyPeer>
With I<requireCert> set to I<no>, the B<stunnel> server accepts client
This note seems unnecessary — a server sends its certificate only when one is configured and a standard TLS handshake (not based on a Pre-Shared Key) is used. According to the manual, requireCert only affects client certificate verification on the server side and is naturally irrelevant when client = yes. Best regards, Małgorzata
participants (2)
-
Małgorzata Olszówka -
u34@net9.cf