[stunnel-users] Verify = 3 and Giganews

Thomas Eifert kxkvi at wi.rr.com
Fri Jan 13 23:01:57 CET 2012


Thanks for taking the time to answer a question about a non-stunnel

I saw the verify=4 in the manual, but was unsure about whether or
not it validated against the locally installed certificate.  I updated my
stunnel.conf, and am no longer having any issues.

Thanks again; you are one of the unsung heroes.


On 1/13/2012 11:17 AM, Michal Trojnara wrote:
> Thomas Eifert wrote:
>> 2012.01.12 14:05:01 LOG4[292:3840]: CERT: Verification error: unable
>> to get local issuer certificate
> Unfortunately sending root CA certificate within the chain is optional.
> This is why root CA certificate didn't make it to your peer-nntps3.pem.
> The good news is that in recent versions of stunnel I implemented a 
> solution for it:
>> verify = 3
> Replace it with "verify = 4".  This option only checks the peer 
> certificate, and ignores all other certificates in the chain.
> Mike
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> http://stunnel.mirt.net/mailman/listinfo/stunnel-users

More information about the stunnel-users mailing list