[stunnel-users] Configuring Stunnel to work between client and server - possible certificate issue

Ludolf Holzheid lholzheid at bihl-wiedemann.de
Tue May 17 13:38:13 CEST 2016

On Tue, 2016-05-17 11:13:26 +0000, David Faizulaev wrote:
> I see, I have a keystore file for the server, can it be set as KEY ? can I convert keystore to PEM?

I don't know.

Some key/certificate repositories don't allow to export private keys.
Maybe there is a PKCS11 plug-in for OpenSSL to access the keystore.
If this is the case, you don't have to export your private key.  But
again, I don't know.

> Additionally, I've thought about configuring Stunnel in client mode.
> Here is the configuration:
> [..]

Running stunnel in client or server mode makes no difference
w.r.t. certificate and key files.  As long as stunnel is not able to
access your private key, the client mode won't work either.




Ludolf Holzheid
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:lholzheid at bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796

More information about the stunnel-users mailing list