[stunnel-users] Certificates, Servers & Clients. Clarify this please.

Ivan Lezhnjov Jr. ivan.lezhnjov.jr at gmail.com
Fri Aug 22 11:34:35 CEST 2008

Now that I've read a bunch of articles and have seen a pile of examples of how 
pairs of a certificate and a private key can be created I must say they all 
suggest different approaches and techniques to creating certificates and 
ultimately bewildered me.

Could anyone please explain as simply as possible, in layman's terms what 
exactly must be done?

Let's talk about simple scenario with two hosts (A & B) involved, both running 
stunnel. Let us assume host A is the server and host B is the client.

cert = 
CAfile = 

must be created.
And we use verify level 3 (verify = 3)

So, what exactly do we do now? And what happens in the dialog between these 
two machines?


  Ivan Lezhnjov Jr.

  Europe, Ukraine, Simferopol

  Source Mage GNU/Linux, kernel version 2.6.24 build #5


           Key ID 0x5811D90C
  Key Fingerprint 2A52 5C8C 38BE C04F D8DE  A169 19E2 E49A 5811 D90C
          Use GPG Exercise Your Right To Privacy 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080822/02bcf149/attachment.sig>

More information about the stunnel-users mailing list