[stunnel-users] Problem with sslv2 clients

Michal Trojnara Michal.Trojnara at mirt.net
Fri Dec 16 15:02:11 CET 2011

Markus Borst (HRZ) wrote:
> Since the use of these options in this combination is not clear from
> the documentation, I have a few suggestions to update the docs:

Writing documentation is something I'm not really good at.  Feel free 
to to contribute any updates to the manual (stunnel.pod).

> As a longer term enhancement, I suggest making the "sslVersion"
> option multi-valued.

Unfortunately this is not really technically feasible due to 
limitations of the SSL/TLS protocol itself.  8-)

> And the above configuration should go as an example into the default
> config file, since this particular combination ("sslVersion=all" AND
> "options=NO_SSLv2") ist a bit counter intuitive.

This is actually quite simple:
  - sslVersion is about the version of SSL/TLS protocol specification
  - options is about internal OpenSSL tweaks:
    I don't think it's a good idea to reproduce this manual in stunnel.


More information about the stunnel-users mailing list