[stunnel-users] Security suggestions on stunnel with SSL/TLS and SNI configuration
testrig at z1p.biz
Fri Aug 28 09:11:48 CEST 2015
Wow - great! Thank you so much for this detailed answer Mike!
> The "option" option may be specified in individual service sections,
> and not only as a global default.
> You should be able to restrict the SNI service to only allow a
> specific TLS version with "options" specified within the SNI service
Huh! Yes you are right!! It really works that way..
I was testing on ubuntu 14.04 with v5.22 self-build and the v4.53 ubuntu-repo-default. I was totally sure to have tested that.
Maybe i have messed up something with the openssl s_client connect parameters or in the stunnel config file.
Just tried it on both versions again - works fine, as you said. "options=NO_xxx" is read and works per service section - great!
Again - thank you very much for the help! :-)
powered by Perfect-Privacy.com / Secure-Mail.biz - anonymous and secure internet.
More information about the stunnel-users