[stunnel-users] Certificate failure to verify with verify = 4 option
kxkvi at lavabit.com
Mon Jun 10 17:59:30 CEST 2013
I understand what you're saying. Nevertheless, I'm under the impression
that level 4's purpose was to ignore the CA chain entirely. From the
Ignore CA chain and only verify peer certificate."
On 6/10/2013 4:33 AM, Ludolf Holzheid wrote:
> On Sun, 2013-06-09 17:18:50 -0500, Thomas Eifert wrote:
>> CERT: Verification error: unable to get local issuer certificate
>> 2013.06.09 16:37:46 LOG4[608:2336]: Certificate check failed: depth=0
> I suppose it's what the error message says:
> Stunnel tries to verify the new certificate by following the
> certificate chain down to a trusted root certificate, and fails
> checking the issuer of a certificate involved.
> Maybe Startcom didn't only change the server certificate, but some
> intermediate certificates too. If this is the case, you may have to
> download and store the intermediate certificates so stunnel able to
> find them.
Attention: This message and all attachments are private and may contain
information that is confidential and privileged. If you received this
message in error, please notify the sender by reply email and delete the
More information about the stunnel-users