[stunnel-users] Using stunnel for TLS with Geotrust cert?

MichaƂ Trojnara Michal.Trojnara at stunnel.org
Mon Mar 28 16:58:00 CEST 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 28.03.2016 16:27, Jon Bogaty wrote:
> The issue is when I setup everything on the server and try to
> connect with a client I either get for "verify 2" warnings about
> MiTM authentication problems, or for "verify 3" or "verify 4",
> which should disable CA checking altogether to my understanding,
> "Please specify CApath".

Verify levels 3 and 4 do *not* disable certificate verification.
Verify level 3 requires the peer certificate in your CAfile.
Verify level 4 *only* requires the peer certificate.

Are you sure you want to enable peer certificate (i.e. client
certificate) verification in your SSL server configuration?

Best regards,
	Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJW+UZ4AAoJEC78f/DUFuAUQmIP/ijSfVmM/E3cgg3td/O9woOz
fxsmqVhQeFh44uD8TbNj/YMhH4LgtVuunE2wtzXx63ja2GJXE2CJR66kc+aIj16U
TjQOCRWdI2zsC4rDuO3v/xsAAuFp1ztwhMX7xNQ0uUwVuJ6emqCqSLwM4FiViMu7
2gcC0em8mNfb4BemY6VwqYlITkHMOzhQZiZkP909EVbCo3yYlDN3e1CbvHbqM0Wm
t1qpB1KAixG8ThKGO40lXT/yFmWgOO7dFOqyNEV4JCdFSOSEDvUEtfvrR4yvLItk
f7nGWNfDoT1qgdHZdMG2MqexO72MvPcwOxrgFWn4bOz0fqsVzWLqH8gffy+w/L9p
mwS5p1WIMkHj9x+Fw1UUI+e6gJ8vgMYtMLJEdJu3yP3i13UY5tIRzCYANfv1vjHf
mK1afiNKyM0hM27drA1y8VJKBSjF6kJmnIAF5bh+tgVQjukr2yevxDYWb1GKg6wI
nqHvJv4moIGmySqA2Mqv32GDZn2GZCt5FK8AM6L+T6HKM143dKL9uBO9AdLi7Bmw
YfLlIvI3kgpKUCdwQ9RIirUwtThuVEqJYsl2jykseKBwuWu59vSY/np9crECWv6Z
b2For6WG5yqU7orPPJS8PV0JqLI4HRaTN1mquuQLFCrCttRvp8CIdpF40VXG7gdz
/ru7iPZfYYWG5qyvHys9
=1DFq
-----END PGP SIGNATURE-----


More information about the stunnel-users mailing list