[stunnel-users] Verify = 3 and Giganews
kxkvi at wi.rr.com
Fri Jan 13 23:01:57 CET 2012
Thanks for taking the time to answer a question about a non-stunnel
I saw the verify=4 in the manual, but was unsure about whether or
not it validated against the locally installed certificate. I updated my
stunnel.conf, and am no longer having any issues.
Thanks again; you are one of the unsung heroes.
On 1/13/2012 11:17 AM, Michal Trojnara wrote:
> Thomas Eifert wrote:
>> 2012.01.12 14:05:01 LOG4[292:3840]: CERT: Verification error: unable
>> to get local issuer certificate
> Unfortunately sending root CA certificate within the chain is optional.
> This is why root CA certificate didn't make it to your peer-nntps3.pem.
> The good news is that in recent versions of stunnel I implemented a
> solution for it:
>> verify = 3
> Replace it with "verify = 4". This option only checks the peer
> certificate, and ignores all other certificates in the chain.
> stunnel-users mailing list
> stunnel-users at stunnel.org
More information about the stunnel-users