[stunnel-users] using Android Keystore with stunnel

blacksun at directbox.com blacksun at directbox.com
Wed Sep 9 12:50:49 CEST 2020


i am using stunnel 5.56 on Android 7.0.
It is a non-rooted device.

Android stores keys and certs in the android keystore.

I am using a Let's Encrypt Cert on serverside, and on clients the 
options veryChain and chechHost.

How can i use the System-integrated CA-Certs of Android for verifying 
the server-cert issued by Let's Encrypt?

When i am searching the net, there are infos saying that the certs and 
keys are not accessible by filestructure, but there would be apis to 
access the keystore.
The keystore would be protected with the PIN of the device.


More information about the stunnel-users mailing list