[stunnel-users] stunnel public private key authentication like ssh

Małgorzata Olszówka Malgorzata.Olszowka at stunnel.org
Wed Mar 29 16:42:22 CEST 2017

> Is there a way to configure stunnel just to check the public key of the
> provided certificate?  I want authentication between the server and the
> client to take place by public key only, no PKI just like ssh.  Is this
> possible?  Is this verify level 4, or does that still check the CN
> against the host that I am connecting to?

You can verify the peer certificate by setting the option:
verifyPeer = yes
The peer certificate needs to be stored in the file specified with Cafile.


More information about the stunnel-users mailing list