[stunnel-users] stunnel public private key authentication like ssh
Malgorzata.Olszowka at stunnel.org
Wed Mar 29 16:42:22 CEST 2017
> Is there a way to configure stunnel just to check the public key of the
> provided certificate? I want authentication between the server and the
> client to take place by public key only, no PKI just like ssh. Is this
> possible? Is this verify level 4, or does that still check the CN
> against the host that I am connecting to?
You can verify the peer certificate by setting the option:
verifyPeer = yes
The peer certificate needs to be stored in the file specified with Cafile.
More information about the stunnel-users