[stunnel-users] Target version/timeframe for drawing identity certs from Windows cert store?

Bucci, David G david.g.bucci at lmco.com
Wed Sep 22 18:57:35 CEST 2010

Hi - in an exchange last week, Michal, it sounded like you might be planning on adding the capability/option to the Windows version to select an identity certificate from the Windows certificate store (because it turns out OpenSSL added some supporting infrastructure for doing so, if I understood correctly).

For planning purposes, do you have any sense yet of whether that's really going to happen, and in what timeframe or what target version?

I think that'd be a change of high interest to a lot of people ... one suggestion, it would help integrators if there was a way to configure a msg into whatever selection dialog that comes up, asking the user to select a certificate from their identity store.  Thinking out loud -- probably also, in the case where multiple client tunnels are being set up, a way to make it either a global selection (for all client services), or a service specific selection -- hmm, though global only is probably fine, thinking about, since an integrator could always create a 2nd config, if a 2nd tunnel is needed 

Thinking further, you would probably want to be careful that it would work early on during login, since I imagine like us, integrators would want to start it from a user's Startup folder, or from a login script.  I don't know Windows well enough to know if that constrains you (if the window mgr is up during login script exec, etc.).


David G. Bucci

If you can't think of anything kind to say,
could you at least have the decency to be vague?

More information about the stunnel-users mailing list